Summary In summary, this article explains two regulations from the European Union, the Digital Operational Resilience Act (DORA) and the NIS 2 Directive. DORA focuses on enhancing the digital resilience of financial entities, mandating robust risk management, system testing, and third-party…
Summary In summary, this article aims to explain to the reader the importance of Business Continuity Management (BCM) to ensure resilience. The article starts by explaining what BCM is and the various concepts that it encompasses. With…
Summary The summary underscores the principles and key components of the Zero Trust approach in cybersecurity. Beginning with the axiom "Never trust, Always verify," it explores benefits such as a proactive stance and enhanced visibility and control. It details the…
We are delighted to announce that we have formalised our strategic partnership with IriusRisk. This will allow us to enrich our service portfolio and offer, strengthening our capacity for a fast and scalable response in providing Threat Modeling services by design and by…
Context During an authorised penetration testing assessment conducted on Xpand IT’s Write-Back software, Balwurk’s security team found multiple security vulnerabilities, first disclosed to the customer and then responsibly submitted to the MITRE CVE program. The discovered vulnerability allows attackers to…
Context During an authorised penetration testing assessment of Xpand IT Write-Back software, Balwurk's security team found a vulnerability that allows an attacker to craft their own Write-Back commercial licenses, unlocking the software's full features without paying for it. What is…
Context During an authorised penetration testing assessment conducted on Xpand IT's Write-Back software, Balwurk's security team found multiple security vulnerabilities, first disclosed to the customer and then responsibly submitted to the MITRE CVE program. Balwurk discovered that the JSON Web…
During an authorised penetration testing assessment conducted on Xpand IT's Write-Back software, Balwurk's security team found multiple security vulnerabilities, first disclosed to the customer and then responsibly submitted to the MITRE CVE program. The discovered vulnerability allows an attacker to…
Balwurk, a consultancy company dedicated to providing application security services, is moving steadily forward in its quest to deliver excellence in AppSec & Cloud Security. To achieve this goal, we are pleased to announce our recent partnership with Check Point…
During an authorised penetration testing assessment of Xpand IT Write-Back software, Balwurk's security team found multiple security vulnerabilities, first disclosed to the customer and then responsibly submitted to the MITRE CVE program. The discovered vulnerability allows an attacker to retrieve…