• slide

    Minded Security at BlackHat

    July 26-27, 2017
    Mandalay Bay - Las Vegas

  • Marco Morana, Director at Minded Security UK has released a brand new book on Process for Attack Simulation and Threat Analysis.

    Marco Morana, Director at Minded Security UK has released a brand new book on Process for Attack Simulation and Threat Analysis.

  • Are your developers aware about how to fix vulnerabilites in the code?

    Are your developers aware about how to fix vulnerabilites in the code?

  • Is your management aware of cyber security risks?

    Is your management aware of cyber security risks?

  • Do you know which vulnerabilities have most impact to your business?

    Do you know which vulnerabilities have most impact to your business?

  • Are you verifying the JavaScript Code you are developing?

    Are you verifying the JavaScript Code you are developing?

Latest news from our blog

RCE in Oracle NetBeans Opensource Plugins: PrimeFaces 5.x Expression Language Injection

PrimeFaces is a open source User Interface (UI) component library for JavaServer Faces (JSF) based applications, sin...

Posted on Monday February 15, 2016

RAT WARS 2.0: Advanced Techniques for Detecting RAT Screen Control

In the landscape of web maliciousness Remote Administration Trojans [1] are not a new trend but their usage is still strong and growing steady. At its core a RAT is a backdoor facility used to let an attacker enter unnoticed into the victim computer to control it remotely: for example most banking trojan nowadays are using remote desktop modules to open a...

Posted on Friday February 05, 2016

Request parameter "_method" may lead to CakePHP CSRF Token Bypass

In CakePHP we noticed that under certain circumstances is it possible to bypass the built-in security checks offered by CSRF and anti-tampering.As stated in the official documentation "By using the Security Component you automatically get CSRF and form tampering protection" [1], however this is not true in case a form controller does not check whether the request is...

Posted on Tuesday January 12, 2016
More articles

Client Side Security Assessment

Take advantage of the best way to scan and analyze complex enterprise portals with rich JavaScript content, without the need of buying a license.

 more info

Newsletter

Stay in touch with Minded Security. 

Subscribe to our newsletter.

 more info

Manual Secure Code Review for critical applications

Probably the single-most effective technique for identifying security flaws in your code.

 more info

Mobile Security Assessment

Verify the security of your Mobile Applications with a Mobile Security Assessment.

 more info

Secure Coding Guidelines

Introduce security in your software development life cycle and improve the quality of your code.

more info

Web Fraud Detection Technology

Try our sophisticated security platform for detecting and managing advanced threats that target the customer base of internet banking portals.

 more info

Advanced training on how to fix vulnerabilities in your code

What about training your developers to fix the vulnerabilities in your own code?

 more info

High level training on Software Security

Learn how to identify various risk factors of cyber-threats by following a structured process.

 more info

JavaScript Security Training

Learn the methodology for developing JavaScript code safely, avoiding the introduction of security issues in the source code.

 more info

Minded Security Webinar: register here

Do you want to learn more about secure software without the need of moving from home?

 more info

Advanced Penetration Testing with fixing support

Get a security assessment on your applications with an advanced support to fix the vulnerabilities fund during the test.

 more info

Software Assurance Maturity Assessment

Evaluate the current state of the maturity of your organization in conducting software security activities.

 more info

3.100.000

end users protected

1000M

dynamic web pages scanned

17

Achieved Countries