Web Application Security Blog

CVE-2017-5638 - Groundhog Day

POSTED BY  Zaid Al Hamami on Mar 09, 2017

It's one of those weeks. A new, big-impact, low-effort CVE (CVE-2017-5638). This time it is Java Struts apps, specifically ones using the Jakarta Multi-Part parser. Again, it is one of those “malformed input in ways no one expected gives me powers...

TOPICS     Vulnerabilities  Application Security  DevOps

How to Build Security into the QA Cycle

POSTED BY  Oliver Lavery on Nov 01, 2016

These days, many companies are developing software with fairly rapid release cycles—every week or even every few days. So testing software security no longer looks like it used to. Spending several days or more analyzing the code for bugs is not...

TOPICS     RASP  Agile development  DevOps

4 Steps to DevOps Success in the Cloud

POSTED BY  Mike Milner on Oct 04, 2016

Increasingly, organizations are turning to the cloud to improve the availability and agility of their IT capabilities, and to control costs. It’s a trend that’s expected to continue, with IDC predicting that cloud IT infrastructure spending will...

TOPICS     Web Application Security  DevOps  Cloud Infrastructure