AppCheck Security Blog
Featured post
Security Testing in the Software Development Lifecycle (SDLC)
/ Posted May 13, 2020
In this article, we’ll run through what software development typically looks like for enterprises in 2020, how security tools and processes can, are and should be integrated, and what features to look for to best leverage current approaches to support the development process.
read moreFilter by:
Security Testing in the Software Development Lifecycle (SDLC)
Product / Posted May 13, 2020
In this article, we’ll run through what software development typically looks like for enterprises in 2020, how security tools and processes can, are and should be integrated, and what features to look for to best leverage current approaches to support the development process.
Read moreThe Great Database Heist: Where'd all my Data Just Go!?
Events / Posted May 07, 2020
This is a brand new session we are presenting for the first time including all new content surrounding SQL and NoSQL Injection attacks, exploits and prevention techniques.
Read moreSaltStack scanning tool to detect CVE-2020-11651 & CVE-2020-11652
Product Research Security Alerts / Posted May 05, 2020
These CVE's are now being actively exploited in the wild and so we have created a free standalone scanner to detect and report on these.
Read moreCritical Vulnerabilities in SaltStack CVE-2020-11651 & CVE-2020-11652
Security Alerts / Posted May 01, 2020
Vulnerabilities within SaltStack infrastructure automation software may lead to RCE attacks and full system takeover. According to security researchers who found these vulnerabilities, attacks are expected in the wild as soon as today.
Read moreSecure inclusion of third party content using SOP, CSP, SRI & CORS
Research / Posted April 27, 2020
In this article we’ll take a look at how the origin of resources loaded by your web application – such as third party JavaScript – can impact the security of your organisational and customer data.
Read moreHacks by URL: Devastating and Criminally Simple
Events / Posted April 23, 2020
AppCheck would like to invite you and your colleagues to our next 1-hour webinar surrounding the subtle dangers of the humble URL.
Read moreHacks by URL: Devastating and Criminally Simple
Events / Posted April 23, 2020
Having presented this popular session at the Digital Transformation Expo and the Cloud & Cyber Security Expo with overwhelming success, we have decided to provide this as a condensed webinar for those not able to attend.
Read moreAn Introduction to Web Shells
Research / Posted April 09, 2020
A web shell is a web-based implementation of the shell concept. There’s plenty of legitimate examples where a web shell might be useful functionality – for example to provide an administrative web GUI to an appliance such as a firewall, but for the purposes of this article we will consider malicious web shells - scripts that can be uploaded by an attacker to a web server to enable remote administration of the machine unknown to the system’s proper owner.
Read moreInjection Attacks: An Introduction
Research / Posted April 06, 2020
Hacks by URL: Devastating and Criminally Simple
Events / Posted April 03, 2020
Having presented this popular session at the Digital Transformation Expo and the Cloud & Cyber Security Expo with overwhelming success, we have decided to provide this as a condensed webinar for those not able to attend.
Read more