Blog
Two serious vulnerabilities leading to remote code execution (RCE) have been found in the popular Spring framework, one in Spring… Read more
The DORA Framework introduces stringent guidelines for the financial sector's cybersecurity. This evolution mandates advanced security testing methodologies beyond traditional… Read more Java Naming and Directory Interface (JNDI) is a Java API that allows clients to discover and look up data and… Read more
Tenendo proposes alternatives and customized red teaming engagements to fit specific customer needs and budgets, ensuring security maturity alignment. Read more On December 10, 2021, Apache released a fix for CVE-2021-44228, a critical RCE vulnerability affecting Log4j that is being exploited… Read more
Article will help to introduce DORA requirements to those who have years of cybersecurity experience but are very new to… Read more Preventing JNDI injection vulnerabilities by using a source code review is always a good idea. Read more
Tenendo proposes focused red teaming: it is tailored to evaluate specific elements of a target company's security posture. Read more Secure secrets management in Docker containers from the offensive point of view. With examples and demo scripts. Read more
Cyber incidents are no longer a question of if, but when. Tenendo’s Ransomware and Cyber Incident Readiness Assessment equips your… Read more Secure secrets management in Docker containers from the offensive point of view. Secrets in memory. Secrets in build arguments Read more Secure secrets management in Docker containers from the offensive point of view. Secrets in bash/zsh scripts. Secrets in logs. Read more
