Category: Ethical Hacking & Incident Response

CI/CD Security: Supply chain attack from a compromised developer

In modern DevOps environments, CI/CD pipelines automate code development, testing, and deployment, enabling rapid delivery and scalability while significantly expanding the attack surface. CI/CD audits conducted in 2025 and 2026 revealed that credentials leaked in repositories, misconfigured runners, insecure artifact…

Automated CTI-powered Purple Teams

Purple Teaming has become a key practice for organizations looking to assess and improve their detection and response capabilities. By bringing together offensive and defensive teams, Purple Team exercises help validate security controls, identify detection gaps, and strengthen incident response…

Amplifying Cyber Threat Intelligence with AI: A Pragmatic, Maturity Driven Approach

Against a backdrop of heightened geopolitical tensions, recent years have been marked by an upsurge in cyber threats, illustrated by the strengthening of attackers’ capabilities, the diversification of their tactics and even the enhancement of their operations thanks to artificial…

StormCell: How our blue team scales up incident response

CERT-Wavestone handles cybersecurity incidents of all types and magnitudes, from investigating a single suspicious workstation to large-scale overnight ransomware outbreaks. After 10 years of forensics investigations and crisis management at Wavestone, one thing stands out: attackers are more sophisticated than…

GenAI Guardrails – Why do you need them & Which one should you use?

The rise of generative AI and Large Language Models (LLMs) like ChatGPT has disrupted digital practices. More companies choose to deploy applications integrating these language models, but this integration comes with new vulnerabilities, identified by OWASP in its Top 10…

Back to top