Blog
Template Engine Fingerprinting
When testing web applications you may come across pages that allow you to enter a template and have it rendered to a user. Without access to the code it may be difficult to determine what the underlying template engine is. Here we will compare common JavaScript template engines to determine techniques to tell them apart without access to the underlying rendering code.
Posted June 17, 2022 by Charles Bevan ‐ 4 min read
Hack The Box Cyber Apocalypse
LifeOmic's security team competes in these challenges casually, with a focus on learning and improvement.
Posted May 24, 2022 by Austin Lee ‐ 8 min read
How LifeOmic responded to the log4j critical vulnerability
LifeOmic had limited use of the affected software, none of our use was Internet-accessible, and based on all evidence from our extensive logs, LifeOmic was not compromised by the log4j vulnerability. We were aware of the issue within 12 hours of its public disclosure and had mitigated the small number of internal systems affected within 4 hours. We continue to monitor possible impact from vendors who rely on the affected software. For more information, email security@lifeomic.com.
Posted December 15, 2021 by Bishop Bettini ‐ 3 min read
A Perspective of the Kaseya Incident
LifeOmic was unaffected by the Kaseya breach, but has several techniques in place that would have protected us.
Posted July 21, 2021 by Adam Cole ‐ 3 min read
Helping the PHP Community Strengthen its Security Posture
LifeOmic is committed to open source, so we shared our quick-start guide to signing commits following a breach of the PHP source code repository. LifeOmic was not affected by this breach.
Posted April 2, 2021 by Bishop Bettini ‐ 2 min read