Research / Posted April 07, 2022
System hardening is the practice of securing a computer system by minimising its attack surface. Measures used can include the uninstallation of unneeded or unused software, especially software that runs a network service, and the changing of various system or application settings from flexible default values to more secure values.
Security Alerts / Posted March 31, 2022
Spring4Shell is a newly discovered remote code execution vulnerability, and we're already seeing it being actively exploited.
Research / Posted March 18, 2022
We lay out some of the more common terminology that you may encounter and explain both the meaning of each term and its relevance to protecting your technical estate from cybersecurity threats.
Research / Posted March 07, 2022
When we say that authentication is “broken”, we mean that it is not possible to be certain that requests being made by a user with a certain claimed identity are in fact being made by the user with that identity.
Research / Posted February 28, 2022
There are many different scenarios in which access control may be broken (which we look into in more detail within) but in general an access control failure is any misconfiguration or flaw within the application such that records or resources are not properly protected as designed in terms of their CIA requirements.
Research / Posted February 23, 2022
A “zero day” is a loose term for a recently discovered vulnerability, and often an associated exploit, that overturns the above model, i.e. where a vulnerability has been uncovered but, rather than being reported to the vendor, is being actively exploited (or exploitation is being attempted) by malicious parties before a patch is released and/or implemented, and often before a vendor or its customers are even aware that the vulnerability in question exists.
Events / Posted February 07, 2022
A Practical View of the Most Common Threats Facing Web Apps Today
News / Posted January 26, 2022
We have taken on lots of new starters at AppCheck across all departments as we continue to enjoy a period of expansion. We sit down with Stephen Gierke, one of our Account Managers, and ask him about what it's like to work for AppCheck.
Research / Posted January 20, 2022
There are a few things you should look for in a DAST tool, some that are universally recommended, and some the utility of which may depend on your organisation and its unique operating environment. Some of the features that AppCheck believes are most important to be included in your new DAST tool are outlined in this article.
Research Security Alerts / Posted January 18, 2022