What we do at SL7? Look at SecureLayer7 Review
In this blog post, we will see how work, life and things are at SecureLayer7.
We are an enthusiastic pack of security consultants and developers. Our work profile involves:
- Working at the customer site or remotely, and pen testing web, mobile and infrastructure.
- Finding vulnerabilities and making proofs of concept for them. Working proactively with the development team to fix them.
- Developing vulnerable labs and publishing the code on GitHub. (https://github.com/securelayer7/csv-injection-vulnerable-php-script-)
- Speaking at events such as Garage4Hackers (https://goo.gl/LbYwuh)
- Researching HTML5 vulnerabilities and writing blogs (like the one that you are reading now 🙂 ) (http://blog.securelayer7.net/owasp-top-10-security-misconfiguration-5-cors-vulnerability-patch/)
- Working on open source software security and winning CVE IDs. (Like this one 🙂 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5594 https://www.exploit-db.com/exploits/41143/)
How we do that at SL7?
The engineers are encouraged to write blogs, which helps them improve their research skills. The engineers also have the freedom to choose the topic of the blog. What more can we ask? This helps us research the latest threats and perform better when we are on a penetration testing assignment.
We are given the freedom to make proofs of concept using our own creative format and are not asked to follow a pre-defined template. This helps the engineers think outside the normal routine and create a good deliverable. The deliverables are then peer-reviewed, and the suggestions are used to make them even better.
We develop our own vulnerable labs and present them at meets such as Garage 4 Hackers. This helps us understand the vulnerability from a basic level. It also helps us develop confidence and presentation skills, because we deliver a presentation on security topics in front of a crowd of 50-100 people.
When we are stuck at a point while testing, the work environment lets us freely ask our colleagues. This creates a collaborative learning environment.
Why we do that at SL7?
We are a bunch of people passionate about information security. We like quality work. We believe in quality over quantity. We deliver the same to our clients.
We have innovative and curious minds. Because of this, we focus on the latest vulnerabilities.
We like sitting in front of the computer to solve problems, and we get pleasure from solving them. The motivation to do this comes automatically because we work with great people around us.
Work Culture at SL7:
- An open-minded company that takes feedback and innovative ideas from the engineers.
- A flexible time schedule.
- We are treated to a larger-than-usual work desk and the most comfortable office chair, in an open-concept office.
- Lots of on-site foreign opportunities.
- We get a high-speed PC with admin rights where we can install any tool. The only thing that matters is the end result.
- A PlayStation in the office!
- Work hard, take breaks and party even harder.
What else can you ask for? Also, when we don’t hack, we are encouraged to play video games, basketball and pool. 🙂
Interested in joining SecureLayer7 or have any questions about the initiative? Drop Sandeep an email: Sandeep [at] securelayer7.net