Least Authority CEO Liz Steininger, & Security Researcher Anna Kaplan, joined the SNARK Chocolate podcast team from Ingonyama to talk about our roots, how to become a security auditor, privacy-first audits, applied cryptography trends, and the limits of AI in security work. https://youtu.be/Rw-jRay0nGk?si=97byb0008gmHpAEO
#securityaudit
0 posts0 participants0 posts today
In May 2025, Cybersecurity firm Cure53 performed a white-box security audit on Passbolt v5.1, covering the browser addon and API.
The audit confirmed passbolt's overall security posture is robust, with no critical vulnerabilities found. The report included important recommendations around enhancing data integrity mechanisms.
Results of the security audit and report are publicly available at: https://www.passbolt.com/incidents/passbolt-v5-1-security-audit-results
#OpenSource #SecurityAudit #PasswordManager #CyberSecurity
PassboltPassbolt Security Incident Report: audit - July 2nd, 2025The open source password manager for teams. Passbolt simplifies password management, helps prevent data loss, stores data securely and enables secure password sharing.
Breaking news: Ruby on Rails is still open-source and still has code! 
After an epic audit saga fueled by acronyms and jargon, we're told Rails is now secure enough to not implode when you blink at it. Thanks, Sovereign Tech Agency and X41Dsec, for ensuring our web frameworks can continue to power cat photo apps without risking world peace. 
https://ostif.org/ruby-on-rails-audit-complete/ #RubyOnRails #OpenSource #WebDevelopment #SecurityAudit #CatPhotoApps #HackerNews #ngated
ostif.orgRuby on Rails Audit Complete! – OSTIF.org
Ruby on Rails Audit Complete
Audit complete!
The #GNUTaler #iOSwallet just passed a crystal-box #securityaudit by RadicallyOpenSecurity 
All major issues fixed — FaceID/TouchID support coming soon!
Thanks to NGI4EU & RadicallyOpen for the support!
https://www.taler.net/en/news/2025-02.html
Security Audit Says Perplexity's Android App is Unsafe, Cites Critical Flaws
#AI #PerplexityAI #AndroidSecurity #AppSecurity #Cybersecurity #Vulnerabilities #DataPrivacy #Appknox #MobileSecurity #Infosec #SecurityAudit
Cool #Rust #SecurityAudit video
Security Source Code Audit of @mullvadnet VPN by @x41sec
Passbolt partnered with Quarkslab to conduct a penetration test and assumed breach assessment of Passbolt Cloud solution.
What was tested?
Evaluated API security, backend controls, and safeguards against unauthorized actions.
Simulated an internal attack to assess resilience against an adversary with server access.
Read more on the blog article: https://hubs.li/Q039csDh0
PassboltPassbolt Clears Three Security and Compliance AuditsThis blog breaks down key findings from three independent assessments, reinforcing our commitment to strong security and compliance.
Over the last four months, passbolt underwent three independent assessments to evaluate and strengthen our security posture.
These assessments help us identify and address areas for improvement while confirming our existing security strengths.
Read more about the latest security reviews: https://hubs.li/Q039csDh0
See the findings in the thread.
PassboltPassbolt Clears Three Security and Compliance AuditsThis blog breaks down key findings from three independent assessments, reinforcing our commitment to strong security and compliance.
Don't miss out on the insights from FOSDEM'25! The recording of "How FreeBSD Security Audits Have Improved our Security Culture" is now available to watch online. Learn about Alpha-Omega's work with the FreeBSD Foundation, the vulnerabilities identified, and the future of security in FreeBSD.
Watch the video and download the slides here: https://buff.ly/42OoyTC #FreeBSD #SecurityAudit #OpenSource #FOSDEM25 #AlphaOmega #infosec
We’re excited to share the results of the @NGIZero funded independent #securityaudit of LibEuFin, GNU Taler’s core banking integration component, conducted by Radically Open Security. Check out our detailed response outlining how we’ve already addressed the findings! https://taler.net/en/news/2024-26.html
taler.netGNU TalerTaxable Anonymous Libre Electronic Reserves
Prowler: An Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness.
https://github.com/prowler-cloud/prowler
#cybersecurity #securityaudit #dfir #kubernetes #aws #azure #gcp
GitHubGitHub - prowler-cloud/prowler: Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuous monitoring, security assessments & audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, ENS and moreProwler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuous monitoring, security assessments & audits, incident response, compliance, har...
Our team recently completed a #securityaudit of Rabby Wallet. You can read the full report, including our findings, here: https://leastauthority.com/blog/audits/rabby-wallet-final-audit-report/
Least AuthorityAudit of Rabby Wallet - Least AuthorityA security audit of Rabby Wallet, a web3 wallet offering users a multi-chain DeFi experience.
In a hybrid on-premises and AWS environment, implementing security principles like Role-Based Access Control (RBAC), Zero Trust, and Least Access is crucial to protect resources and data.
LINUXexpert · Implementing RBAC, Zero Trust, and Least Access Principles in a Hybrid On-Prem and AWS EnvironmentImplementing Role-Based Access Control (RBAC) in a hybrid environment. Learn how to secure resources and data in an on-premises and AWS setup.
Take a minute to watch this video from Worldcoin that highlights why security audits are essential. We've conducted several audits for Worldcoin, covering smart contracts and cryptographic protocols. https://www.youtube.com/watch?v=pPx8dW1wP2U #smartcontract #securityaudit
Ethereum to launch first $2M protocol-wide ‘Attackathon’ - Ethereum’s security team is planning a four-week hackathon to test the b... - https://cointelegraph.com/news/ethereum-launching-first-protocol-hackathon #securityaudit #attackathon #hackathon #ethereum #eth
Cointelegraph · Ethereum to launch first $2M protocol-wide ‘Attackathon’
MakerDAO and Sherlock team up for historic $1.35M security audit contest - MakerDAO partners with Sherlock for a record-breaking $1.35 million audi... - https://cointelegraph.com/news/makerdao-sherlock-1-35m-security-audit-contest #decentralizedfinance #securityexperts #record-breaking #securityaudit #$1.35mcontest #endgamephase #auditcontest #bugbounty #makerdao #sherlock #web3 #defi #dai
Cointelegraph · MakerDAO and Sherlock team up for historic $1.35M security audit contest
I'm in the process of a full security audit for @pixelfed by https://www.radicallyopensecurity.com
Huge thanks to @NGIZero for funding this initiative and helping keep our project more safe and secure 
www.radicallyopensecurity.comNon-Profit Computer Security ConsultancyWe're an idealistic bunch of security researchers, networking/forensics geeks, and Capture The Flag winners that are passionate about making the world more secure.
Secure #Communication!
Dive into our article to discover the #evolution of TLS protocols, why checking your server's TLS versions is crucial for data security, and how to perform tests using Nmap's powerful "ssl-enum-ciphers" script.
https://www.relianoid.com/resources/knowledge-base/troubleshooting/testing-ssl-tls-protocols-and-ciphers-for-secured-services/
Ethereum layer 2 zkEVM ‘Scroll’ confirms mainnet launch - Blockchain data from Etherscan suggest Scroll’s mainnet was live ... - https://cointelegraph.com/news/ethereum-zkevm-scroll-mainnet-launch #ethereumvirtualmachine #transactionthroughput #zeroknowledgerollup #securityaudit #starkware #immutable #polygon #scroll #zksync #zkevm
Cointelegraph · Ethereum layer 2 zkEVM ‘Scroll’ confirms mainnet launch