AppCheck Security Blog

Featured post

Tales of Terror [Readers Beware]

/ Posted October 30, 2020

read more

Filter by:

View all
Case Studies Events News Product Research Security Alerts

Tales of Terror [Readers Beware]

News / Posted October 30, 2020

Read more

Server-Side Request Forgery (SSRF) & the Cloud Resurgence

Research / Posted October 20, 2020

So what exactly is SSRF? How does it work, why is it more prevalent in 2020, and how can we protect against it?

Read more

Web App Security: Why So Hard?

Events / Posted October 16, 2020

Action... Mystery... Intrigue...
What does AppCheck's latest have in store? Click for more...

Read more

A COVID Christmas: Protecting Your Critical Ecommerce Assets

News Product / Posted October 07, 2020

In this article we will address the current situation, how hackers can exploit your websites, what you can do to protect yourself and where AppCheck comes in as an automated penetration testing tool to make sure you’re not leaving yourself vulnerable.

Read more

Webinar: Why Web Application Security Should be Job Number One

Events / Posted October 06, 2020

We will provide a high-level overview of why web app security is important with case studies into recent hacks before looking at how you as a business can help mitigate these attacks with practical advice.

Read more

WebSocket Security - Cross-Site Hijacking (CSWSH)

Research / Posted October 01, 2020

In this article we are going to take a look at one of the newer technologies used in modern web applications, the “WebSockets” that were standardized by the Internet Engineering Task Force (IETF) in 2011.

Read more

Insecure Direct Object Reference

Research / Posted September 25, 2020

Insecure Direct Object Reference, is a common web application vulnerability that allows an attacker to bypass mis-configured logical access controls and access sensitive data.
In this article, we will step through looking at what IDOR is, how it can often be introduced as a vulnerability, how an attacker is able to exploit it, and how to defend against it.

Read more

CyberWhite Interviews our Head of Development

News / Posted September 16, 2020

CyberWhite sat down with our Head of Development, Graham Bacon, to discuss all things AppCheck.

Read more

Single Page Applications (SPA)

Research / Posted September 01, 2020

Essentially a SPA is a client-side dynamic web application that makes a full HTML page load initially but thereafter responds to all DOM events initiated by actions such as clicking on links by dynamically rewriting the current web page, rather than the default method in a traditional “multi-page” web application of the browser loading entire new pages.

Read more

HTML5 Cross-Document Messaging Vulnerabilities

Research / Posted August 12, 2020

In this article, we take a look at the security model that the Web Messaging API (a.k.a. “Cross-Document Messaging”) - is built on, why the security measures that it introduces are necessary, and some of the potential mis-configurations that can undermine the API’s security model.

Read more

This website uses cookies to improve user experience. By using our website you consent to the storage of cookies from this website.

I agree
cancel

Start your free trial

Simply complete the form and we'll send you all you need to activate AppCheck and undertake your FREE scan.
Your details IP addresses URLs
Your details
next
IP Addresses
back next
URLs
back