AppCheck Security Blog

AppCheck is Shortlisted for the SC Awards Europe 2022

AppCheck has been shortlisted for Best Vulnerability Management Solution Award at this year's SC Awards Europe

read more

AppCheck is Shortlisted for the SC Awards Europe 2022

AppCheck has been shortlisted for Best Vulnerability Management Solution Award at this year's SC Awards Europe

Read more

Privilege Escalation

his blog post looks in more detail at how privilege escalation can occur, as well as highlighting some common variants and also how to best prevent or avoid them from happening.

Read more

Honeypots

One tool that is often overlooked despite a history of deployment stretching back over thirty years is the honeypot, a deployed resource that is used to monitor and analyse attacks against a network, as well as reveal information about the attackers behind them. In this blog post we examine exactly what honeypots are and how they work, and whether they could benefit your organisation.

Read more

DOM XSS

“DOM” stands for “Document Object Model” and although you may not have heard of it, it underpins how every web browser interprets and renders web pages that are received from the server.

Read more

AppCheck Web Application Security Seminar - LONDON

Our AppCheck Web Application Security Seminar is coming to London, on May 27th, at Lord's Cricket Ground. This FREE educational day offers “A fantastic and revealing insight into the world of hacking.”

Read more

“NginxDay”: NGINX LDAP Reference Implementation Zero Day Vulnerability

A recent zero-day vulnerability has been publicly shared revealing a critical issue with the nginx-ldap-auth software package allowing attackers to potentially bypass authentication and disclose key information on vulnerable servers.

Read more

Web Server and Web Application Hardening

System hardening is the practice of securing a computer system by minimising its attack surface. Measures used can include the uninstallation of unneeded or unused software, especially those which run a network service, and the changing of various system or application settings from flexible default values to more secure values

Read more

URGENT SECURITY ADVISORY - Spring4Shell (CVE-2022-22965)

Spring4Shell is a newly discovered remote code execution and we're already seeing this being actively exploited.

Read more

30 Cyber Security Terms You Need To Know

We lay out some of the more common terminology that you may encounter and explain both the meaning of each, as well as its relevance to protecting your technical estate from cybersecurity threats.

Read more

Broken Authentication

When we say that authentication is “broken”, we mean that it is not possible to be certain that requests being made by a user with a certain claimed identity are in fact being made by the user with that identity.

Read more