Featured post
Research / Posted September 03, 2021
The OWASP Penetration Testing Checklist is aimed at delivering a baseline standard against which potential vendor solutions can be assessed to ensure that a prospective web application security testing provider delivers a service that is sufficient
Research Security Alerts / Posted August 25, 2021
On the 15th of July 2021 Umbraco and AppCheck released a Security Advisory to alert users of a vulnerability within the Umbraco Forms component that could be exploited to gain remote code execution on the affected system.
Research / Posted August 24, 2021
The OWASP Top 10 Privacy Risks list is an attempt to curate a completely neutral set of prioritised privacy risks for businesses to consider, as well as a recommended set of countermeasures for businesses to deploy against the occurrence of those risks.
Product / Posted August 17, 2021
AppCheck has many features and is constantly being updated. Here we look at just two, authenticated scanning and card-skimming.
Events / Posted August 16, 2021
The Web Application Security seminar is a free event that presents a detailed analysis of the most common threats facing web applications today. We will review high profile examples and provide a technical breakdown of critical security flaws along with an introduction into emerging technologies.
Research / Posted August 13, 2021
Customers new to the AppCheck platform can often be surprised at the number of vulnerabilities that AppCheck highlights relating to transport encryption offered on their services: unencrypted (plaintext) services, web applications with vulnerable cipher suites, encryption libraries containing exploitable flaws, registration forms that email users' passwords in clear text. The list of checks that AppCheck performs is extensive, and on a website that has not previously been covered by regular vulnerability scanning, the extent of encryption issues can be surprising
Events / Posted August 09, 2021
Databases are fantastic - providing a standardised interface for creating, updating, reading and deleting data from a backend system. They can be optimised to efficiently service your application's data storage and retrieval requirements, allowing it to scale effortlessly… and, via common pitfalls in their use, they can give a hacker access to all your data too.
Research / Posted July 19, 2021
Security Issue:
Researchers at AppCheck have discovered a security issue within Umbraco Forms which could lead to a remote code execution attack and/or arbitrary file deletion. Umbraco are advising everyone to be ready for a fix which is to be released on 20th July at 7am UTC.
Product / Posted July 13, 2021
Dean Moulden, Senior Penetration Tester at Security Risk Management (SRM), explains how AppCheck helps him and the rest of SRM’s penetration testing team to offer clients a fast, accurate and reliable service.
Research / Posted July 05, 2021
In this article we’ll take a look into what HTTP “verbs” or methods are, how each varies and works, and what the potential security risks are that should be considered with each. We’ll also see how vulnerability scanners such as AppCheck can automatically check for many of the potential vulnerabilities presented by webservers making use of these methods.