AppCheck Security Blog

OWASP Top 10 2021 Web Application Security Risks

Every few years the OWASP community come together to review the ten most critical web application security risks (commonly known simply as the “OWASP Top 10”) by analysing vulnerability data spanning hundreds of organisations and over 100,000 real world applications. This process was most recently performed in 2021 and a new, updated top 10 list published.

read more

OWASP Top 10 2021 Web Application Security Risks

Every few years the OWASP community come together to review the ten most critical web application security risks (commonly known simply as the “OWASP Top 10”) by analysing vulnerability data spanning hundreds of organisations and over 100,000 real world applications. This process was most recently performed in 2021 and a new, updated top 10 list published.

Read more

Features Review: GoScript and Card Skimmers

AppCheck has many features and is constantly being updated. Here we look at just two, authenticated scanning and card-skimming.

Read more

AppCheck in the hands of a pen tester

Dean Moulden, Senior Penetration Tester at Security Risk Management (SRM), explains how AppCheck helps him and the rest of SRM’s penetration testing team to offer clients a fast, accurate and reliable service.

Read more

What to expect from your free vulnerability scan

In this article, we’re going to look at what a vulnerability scan is, how it can help to protect your organisation, and how AppCheck will work with you to deliver a free trial scan of your own websites, networks and infrastructure to demonstrate these benefits. 

Read more

A COVID Christmas: Protecting Your Critical Ecommerce Assets

In this article we will address the current situation, how hackers can exploit your websites, what you can do to protect yourself and where AppCheck comes in as an automated penetration testing tool to make sure you’re not leaving yourself vulnerable.

Read more

vBulletin Zero Day Details & Plug-in

Security researcher Amir Etemadieh has released a pre-authentication zero-day remote command execution (RCE) exploit in vBulletin. This exploit is bypasses the patch for a previous RCE in vBulletin 5.0 through 5.4 and has since been assigned CVE-2019-16759.

Read more

Integrating AppCheck into your Azure Pipelines

AppCheck is pleased to announce official support for integration into Microsoft’s Azure Pipelines.

Read more

AppCheck Plug-in for CVE-2020-5902 & CVE-2020-5903

AppCheck have released a new plug-in to detect recently discovered security flaws within F5 BIG-IP devices, CVE-2020-5902 and CVE-2020-5903.

Read more

Scanning GraphQL for Vulnerabilities with AppCheck

AppCheck is pleased to announce enhanced support for scanning GraphQL based APIs. In this post we take a brief look at GraphQL and some of the security implications surrounding the technology.

Read more

Security Testing in the Software Development Lifecycle (SDLC)

In this article, we’ll run through what software development typically looks like for enterprises in 2021, how security tools and processes can, are and should be integrated, and what features to look for to best leverage current approaches to support the development process.

Read more