SQLite Vulnerability May Be Putting Your Applications at Risk
Late last week, Tencent announced that researchers from its Blade Team had discovered a remote code execution (RCE) vulnerability in SQLite, dubbed Magellan. SQLite is a very popular embedded SQL server. It is one of the components inside many thousands of applications, including the Google Chromium browser. Google has since ...
Veracode at Black Hat Europe 2018
We recently published the 9th volume of our State of Software Security (SoSS) report, and although there are some bright spots, the overall state of software security remains a work in progress. Nowhere is this more true than in Europe. In separate research conducted earlier this year, we found that ...
What About the Testing You Can’t Automate?
The shift to DevSecOps is altering the security role in some fundamental ways. We’ve seen this new environment changing not only the security team’s tasks and responsibilities, but also their mindset. Specifically, the security team has had to shift from thinking like a “breaker” to thinking like a “builder.” Rather ...
Looking Ahead to RSA: Why AppSec Will Take Center Stage
RSA Conference is unquestionably the biggest security event of the year. With so many companies showcasing the latest and greatest in security technology and solutions, it’s very difficult to stand out amongst the crowd. However, in light of recent headlines, it’s evident that securing the software that powers our digital ...
How to Prevent a Breach From Spring Break
Spring Break, the latest named vulnerability, is more serious than the moniker implies. Spring Break is a critical remote code execution vulnerability in Pivotal Spring REST, one of the most popular frameworks for building web applications, and the effects of this vulnerability are widespread. A patch for Spring Break ...

