AppCheck becomes the latest vendor to be authorized by the Common Vulnerabilities and Exposures (CVE) Program as a CVE Numbering Authority (CNA). One of around 200 vendors across 32 countries, joining companies such as Apple, Google, Facebook, GitLab and Microsoft. The step to join the programme was taken due to the volume and frequency in […]
After much development we launched a new scanning engine capable of scanning single page applications, becoming one of the first vendors to be making developments in this area and market leaders in this regard. Previously out of reach to automated scanners, we wanted to allow our scanner to crawl these complex single page applications, comprised […]
In 2014 AppCheck started trading commercially as it’s own entity and to this day, our original goal of trying to automate as much of a manual assessment as possible still remains true. Due to our original vision and ability to find some of the hardest to reach vulnerabilities, AppCheck is now used globally and has […]
In 2009 AppCheck rebooted, designed from the ground up to be distributed, scalable and fault tolerant, whist retaining the focus on accuracy of the original scanner.
In 2008, we invited key clients to use AppCheck to perform regular scanning so that critical vulnerabilities did not go unchecked between pen testing engagements. The feedback was overwhelmingly positive and demand for AppCheck grew rapidly. It became clear that AppCheck needed a life of its own, with a dedicated research and development team and […]
Over time AppCheck grew into an indispensable tool allowing us to automate almost all of our penetration testing activities leaving more time to concentrate on more exotic vulnerabilities such as social engineering attacks and analysing flaws in business logic.
AppCheck was born as an internal penetration testing tool in 2003 with the aim of accurately detecting critical security vulnerabilities at scale. Our challenge was to develop a tool that could automate as much of the penetration testing process as possible whilst retaining the level of accuracy that is critical when performing a security review. […]