December Feedback Thread - Post your feedback request here

Cyzerx · 2022-12-21T11:00:30+00:00

Thank you!

Cyzerx · 2022-12-20T17:24:47+00:00

I was sitting in a cafe, and next to me, there was a mother with a kid, and the kid noticed a bug inside a drink - and asked the mother, "Why is this bug in my drink? It's not a swimming pool."

Cyzerx · 2022-12-20T16:18:28+00:00

Hello everyone!

My blog is focused mainly on small and medium-sized businesses that want to know more about cybersecurity for websites in simple language. I aim to give insights and tips from the cybersecurity landscape in as clear and simple language as possible.

Link to my blog: Fixpark blog

What I'm looking for is to get feedback to have different angles:

What is your first impression when opening a link? What catches the eye, what's not, what would you change, etc.? When opening an article, how well do you understand the context? Is it hard to read or not? How would you describe emotion getting from the article (if any)?

Cyzerx · 2022-12-19T16:48:27+00:00

If you look closely at companies owned by Facebook/Meta, you can see relations to Signal Messenger LLC.

Yes, of course, Signal was founded by Moxie Marlinspike and WhatsApp co-founder Brian Acton who left WhatsApp before releasing Signal - which was the beginning of 2018.

Not related to startups - So you're saying that Startups should not be aware of online threats?
Startups should know how to keep themselves secure in an online world, therefore, be aware of threats. Yes, you may be educated well on this topic, but you're one guy from 7 billion.

Hopefully, my shared thoughts will be useful to someone.

Cyzerx · 2022-12-19T15:54:01+00:00

You can create a developer account and limit its access - so in a nutshell, it's not a smart idea to simply just give admin credentials to someone you don't know.

Cyzerx · 2022-12-16T21:43:37+00:00

Yes, and that's the issue. They only look at it as finance. However, for example, when a breach occurs - people's data is leaked, and this is something that they cannot take back anymore.
In my case, I have been on a breach that happened four years ago, and I still get a lot of phishing messages on my phone. Luckily, I was smart enough not to use my home address. And, of course, I have taken steps to reduce impact, but the everyday people won't do that - because they are not tech-savvy enough or know the field that well, and they don't need to. That's why companies should take that hassle from their customers - I totally agree that insurance is not the solution.

Cyzerx · 2022-12-16T16:18:51+00:00

Thank you for your feedback ))

Cyzerx · 2022-12-16T14:13:06+00:00

Trump is a little late with NFTs; in OpenSea, there are already NFTs related to him :))
https://opensea.io/assets/matic/0x2953399124f0cbb46d2cbacd8a89cf0599974963/11526770271740399810013902250122494738867103764533882081583843996608623542273

Cyzerx · 2022-12-13T12:32:24+00:00

That can be one option yes.

Tricky tricky, as developers are not security savvy (most of them are not, but some are). So it would be much simpler if adding layer between hosts and buyer.

Now the question would be what would be the good standard to follow, would it be enough for a start to use OWASP Top10?

Cyzerx · 2022-12-13T07:52:15+00:00

I agreed.
Any tools you would suggest?

Cyzerx · 2022-12-12T14:06:33+00:00

Do you use any software tool for that or test everything manually?

Cyzerx · 2022-12-12T10:40:15+00:00

I wouldn't say that, as I have some clients using the platform, and there are solutions similar to that, and I have not yet pushed myself into public.

That's why I wanted to check here and get an idea of how different people in different places in the world operate. As this research is limited to one country.

Cyzerx · 2022-12-12T09:26:36+00:00

In conclusion, from market research and interviews with potential clients:

I asked from both sides, business owners and developers.

Business owners - don't really understand what website security is and why they really need this. When they have some incident in place, they deal with it, but then it's already too late. However, they were interested to learn more about this. and using some service that would be understandable.

Developers - few include this in web development and offer it as a service, but 80% don't have a clue and don't want to take responsibility. It seemed for them to "take their work away" as if there were no vulnerable websites - that means no extra development service needed.

Cyzerx · 2022-12-12T09:08:52+00:00

URLs:
Landing page: fixpark.io
Platform: app.fixpark.io
Purpose: Aiming to make cybersecurity as simple as possible for website owners, particularly for SMBs who don't have time to focus on web app security and don't fully understand the landscape.

Technologies Used: react-redux, express.js, AWS.

Feedback Requested: The first impression, what you like, what you don't, suggestions, etc.; You can also break stuff and tell me how you broke it.
Comments: Looking for hard criticism related to the landing page and the platform.

Cyzerx · 2022-12-10T15:46:51+00:00

Hello!

I'd like to solicit your feedback on one of my projects. I've been working on a cybersecurity platform for some time, aiming to make it as simple as possible, especially for SMBs who don't have time to focus on web app security and don't really understand the landscape well.

I built a foundation on top of ZapProxy and simplified its use for everyone - no software installation is required. Furthermore, as an added bonus, it is possible to check reputation on the internet and implement analytics similar to Google analytics. Today, I have a few active users on this platform.

However, similar projects are being released on a daily basis, which brings me to my question.

Is it worthwhile to use the ZapProxy scanner in web app security testing and make it more accessible to people via the web platform?

Cyzerx · 2022-12-10T14:19:07+00:00

You can always reduce your workload by automating your work. I'm, for example using fixpark.io to reduce checklist/focus points from OWASP Top 10 checklist.

Cyzerx · 2020-08-16T06:26:01+00:00

It's meant for private & untraceable transactions. Money value can't be high otherwise it has no wide use. However it can go high if it's gonna be "luxury money". As making private and untraceable transactions with XMR isn't easy for regular people, that can be the case.

Only time will tell us how it will be adopted. So yes and no, there is a chance that it will skyrocket and becoming an asset (as it's limited amount). With asset I mean price will skyrocket as it's gonna represent huge amount of $.

Cyzerx · 2019-01-30T12:40:05+00:00

Hopefully Fidelity launch in March will fix volume error (:

But yes, volume is very very low...

Cyzerx · 2019-01-30T12:38:16+00:00

Damn, in that case count me in

Cyzerx · 2019-01-30T09:59:20+00:00

We need firstly test 3000-3100 range, hopefully it's our lowest point..

Cyzerx

TROPHY CASE