Table of contents
Blogs· 3min March 2, 2023
According to online estimates, the estimated worldwide cost of cybercrime could be as high as $10.5 trillion annually by 2025. Cybercriminals are constantly on the look out for security vulnerabilities and ways to compromise systems through illegal activities such as ransomware, phishing or various types of cyberattacks.
A security vulnerability is a flaw or weakness in a system that can be exploited by malicious actors to gain access to restricted resources. No system is ever fully secure or free of vulnerabilities. Based on their cause, we can identify five types of security vulnerabilities:
All of the security vulnerabilities presented have a human element to them. The process of securing software involves a constant effort of change control and security review. The table below presents examples of each type of security vulnerability:
Examples of each vulnerability type
Ethical hacking is the practice of testing a system, network or service to find security vulnerabilities. Ethical hackers use the same tools and techniques as malicious hackers, but they undertake this work to support the system owners in securing their system before malicious actors exploit these vulnerabilities.
While they have significant engineering knowledge and skills, ethical hackers operate under a different mindset from engineers. They analyse all possible uses of a resource or library, attempting to uncover errors.
As production systems change and evolve, new vulnerabilities can be introduced by either the system or its third-party dependencies. In effect, this means that no system is fully secured and the work of ethical hackers never stops. They keep up to date with new vulnerabilities discovered in third party tools, assessing their effect on the system they are responsible for and coordinating an action plan to minimise their effect.
The tools and techniques required to detect and fix system vulnerabilities vary according to the system under test. They are typically responsible for the following activities:
Red teaming is the most comprehensive hacking technique, as it tests the system as a whole, including the people using it. The table below presents a comparison of the purpose and focus of each technique:
Purpose & focus of each ethical hacking activity
Ethical hacking is an important part of keeping systems secure, as they help us identify and fix vulnerabilities before malicious actors can exploit them.
We have an amazing team of ethical hackers at Form3 to keep our systems, which have access to sensitive financial data, safe.
Written by
Adelina is a polyglot engineer and developer relations professional, with a decade of technical experience at multiple startups in London. She started her career as a Java backend engineer, converted later to Go, and then transitioned to a full-time developer relations role. She has published multiple online courses about Go on the LinkedIn Learning platform, helping thousands of developers up-skill with Go. She has a passion for public speaking, having presented on cloud architectures at major European conferences. Adelina holds an MSc. Mathematical Modelling and Computing degree.
Blogs · 4 min
Kaspar Von Grünberg is a the CEO and founder of Humanitec. He joins us to discuss what an Internal Developer Platform is and what to focus on when you're building your own. Finally, he provides an overview of Humanitec's platform, which provides open-source tools you can use when you're building your own IDP.
March 15, 2023
Blogs · 5 min
Once upon a time, there were project boards in GitHub. They helped you plan, they looked like Trello, and they were much loved. They were classic. Then, one day, they were deprecated! Along came project v2 boards. They were like Trello, but also like a spreadsheet, and much more between, and they became the new project planning tool in GitHub. This post is about migrating project boards in GitHub. It's not, as you might expect, about migrating from classic project boards to v2 projects. GitHub offer a migration tool for that in their UI, and it's easy to do. Instead, this post is about migrating from one v2 board to another.
February 22, 2023
Blogs · 4 min
Alexandra Forsberg is a Talent Acquisition Lead at Form3. She joins us to share tips for landing your next remote job. Alexandra covers all aspects of the interviewing process including where to find remote opportunities, how to stand out to hiring managers and how to prepare for a remote interview. Finally, she shares Form3's approach to the interview process.
February 15, 2023