Then create a threat feed in our Fortigate using the API at https://hackertarget.com/ using that ASN. Source: 7 months ago

So far, I found things like https://pentest-tools.com/, https://hackertarget.com/, and https://www.intruder.io/. Does anyone have any experience with these (or any other) tools? If so, would you consider any of them a valid tool to check the "Have you conducted any penetration testing" box and maybe highlight some areas where we are lacking? Source: almost 2 years ago

I was told in another forum to look at Private Packagist... But how is that different? Instead of installing packages from packagist.org.. You pay to Packagist.com to do the same thing? You just download from packagist.com cloud instead of packagist.org? Source: almost 2 years ago

We have a private Satis instance. Our ITSec team reviews all packages before we add them to Satis. Packagist.com is available for us but the CI-CD servers can reach only the private Satis. Source: almost 2 years ago

Https://packagist.com maybe tell them about a local packagist install. Source: almost 2 years ago

"[MANAGER] requested this to be done in PHP. You as IT will know that most modern programming and scripting languages work only with packaging software properly. Composer sends requests (majority of cases) to packagist.com and to github.com. It will add thousands of hours to do everything that composer does manually. Please sign here to authorize the usage of 4000 hours and the possible delay of 4000 hours.... Source: almost 2 years ago

Another downside that only really exists with non-PHP boilerplates is getting updates isn'T as easy. With PHP we're able to use packagist.com and make our code available via composer. Other languages don't have this so SaaS Pegasus provides zip downloads and Gravity provides access to a GitHub repo. This means you have to apply bug fixes yourself. With Parthenon, you do composer update and you'll get the latest... Source: almost 2 years ago