AppCheck Security Blog
Featured post
The Importance of Regular Vulnerability Scanning
/ Posted June 09, 2020
In an earlier article we have covered the importance of vulnerability scanning and why it remains a powerful tool in your security arsenal – in this article we will examine specifically why it is important to leverage one of the most powerful advantages that dynamic application security testing (DAST) or vulnerability scanning has over manual penetration testing: its ability to be scheduled for frequent or continuous assessment.
read moreFilter by:
The Importance of Regular Vulnerability Scanning
Research / Posted June 09, 2020
In an earlier article we have covered the importance of vulnerability scanning and why it remains a powerful tool in your security arsenal – in this article we will examine specifically why it is important to leverage one of the most powerful advantages that dynamic application security testing (DAST) or vulnerability scanning has over manual penetration testing: its ability to be scheduled for frequent or continuous assessment.
Read moreCommon e-commerce vulnerabilities and how to remedy
Research / Posted May 28, 2020
Modern e-commerce encompasses a broader network of activities and services relating to electronically buying or selling of products on online services or over the Internet. We explore common vulnerabilities that can occur within e-commerce sites and most importantly, how to remedy these.
Read moreThe Great Database Heist: Where'd all my Data Just Go!?
Events / Posted May 27, 2020
This is a brand new session including all new content surrounding SQL and NoSQL Injection attacks, exploits and prevention techniques.
Read moreGot Swagger? How mapping your API helps to protect it.
Research / Posted May 14, 2020
API security is often barely mentioned. Web application developers are, broadly, aware of vulnerabilities such as the OWASP Top 10, but these barely or tangentially mention API security as of the latest (2017) update.
This may not have been an issue historically, however APIs are no longer a niche or secondary form of traffic. API calls now represent 83 percent of web traffic, according to traffic review detailed in a recent report.
Read moreCase Study - North East London NHS Foundation Trust
Case Studies / Posted May 13, 2020
NELFT needed a cost effective vulnerability detection solution while ensuring high standards were in place surrounding cyber security.
See how AppCheck helped deliver that.
Security Testing in the Software Development Lifecycle (SDLC)
Product / Posted May 13, 2020
In this article, we’ll run through what software development typically looks like for enterprises in 2021, how security tools and processes can, are and should be integrated, and what features to look for to best leverage current approaches to support the development process.
Read moreThe Great Database Heist: Where'd all my Data Just Go!?
Events / Posted May 07, 2020
This is a brand new session we are presenting for the first time including all new content surrounding SQL and NoSQL Injection attacks, exploits and prevention techniques.
Read moreSaltStack scanning tool to detect CVE-2020-11651 & CVE-2020-11652
Product Research Security Alerts / Posted May 05, 2020
These CVE's are now being actively exploited in the wild and so we have created a free standalone scanner to detect and report on these.
Read moreCritical Vulnerabilities in SaltStack CVE-2020-11651 & CVE-2020-11652
Security Alerts / Posted May 01, 2020
Vulnerabilities within SaltStack infrastructure automation software may lead to RCE attacks and full system takeover. According to security researchers who found these vulnerabilities, attacks are expected in the wild as soon as today.
Read moreSecure inclusion of third party content using SOP, CSP, SRI & CORS
Research / Posted April 27, 2020
In this article we’ll take a look at how the origin of resources loaded by your web application – such as third party JavaScript – can impact the security of your organisational and customer data.
Read more