AppCheck Security Blog

FEATURED POST

Webinar: The Great Database Heist: Where’d all my Data Just Go!?

Spring4Shell is a newly discovered remote code execution vulnerability, and we’re already seeing it being actively exploited.
We lay out some of the more common terminology that you may encounter and explain the meaning of each, as well as its relevance to protecting your technical estate from cybersecurity threats.
When we say that authentication is “broken”, we mean that it is not possible to be certain that requests being made by a user with a certain claimed identity are in fact being made by the user with that identity.
There are many different scenarios in which access control may be broken (which we look into in more detail within) but in general an access control failure is any misconfiguration or flaw within the application such that records or resources are not properly protected as designed in terms of their CIA requirements.
A “zero day” is a loose term for a recently discovered vulnerability, and often an associated exploit, that overturns the above model, i.e. where a vulnerability has been uncovered but, rather than being reported to the vendor, is being actively exploited (or exploitation is being attempted) by malicious parties – before a patch is released and/or implemented – and often before a vendor or its customers are even aware that the vulnerability in question exists.
A Practical View of the Most Common Threats Facing Web Apps Today
