CyRC special report: Secure apps? Don’t bet on it

The Cybersecurity Research Center conducted a security analysis of the 10 most popular Android sports and betting apps ...

CyRC Special Report: How companies fared in the aftermath of Log4Shell

We examine the Log4Shell disclosure through the lens of the Black Duck Knowledge Base to understand how organizations respond to high-profile vulnerabilities ...

CyRC Case Study: Securing BIND 9

Learn how you can improve your application security posture by adopting best practices from the BIND 9 team. The post CyRC Case Study: Securing BIND 9 appeared first on Application Security Blog.

CVE-2022-1271 - Improper Input Validation in Gzip | Black Duck

CyRC Vulnerability Analysis: CVE-2022-1271 in gzip, but it’s not as bad as it sounds

CVE-2022-1271 is a new vulnerability affecting gzip, a widely used open source component for archiving, compressing, and decompressing files. The post CyRC Vulnerability Analysis: CVE-2022-1271 in gzip, but it’s not as bad as it sounds appeared first on Software Integrity Blog.

CyRC Vulnerability Analysis: Two distinct Spring vulnerabilities discovered – Spring4Shell and CVE-2022-22963

Two vulnerabilities affecting different Spring projects were identified this week. Here’s what you need to know about Spring4Shell and CVE-2022-22963. The post CyRC Vulnerability Analysis: Two distinct Spring vulnerabilities discovered – Spring4Shell and CVE-2022-22963 appeared first on Software Integrity Blog.

How to cybersecurity: Software supply chain security is much bigger than you think

Managing the risks of your software supply chain requires more than a basic understanding of the software components that make up your applications. The post How to cybersecurity: Software supply chain security is much bigger than you think appeared first on Software Integrity Blog.

How to cybersecurity: Gravity is a harsh mistress

Knowledge alone isn’t enough to manage vulnerabilities. Developers need to be part of a proactive security process with integrated AppSec tools. The post How to cybersecurity: Gravity is a harsh mistress appeared first on Software Integrity Blog.

How to cyber security: Software supply chain risk management

Effective software supply chain risk management requires security measures throughout the entire supply chain. The post How to cyber security: Software supply chain risk management appeared first on Software Integrity Blog.

A stitch in BIND saves nine

A vulnerability was discovered in the named DNS server implementation contained in the development branch builds of BIND 9. The post A stitch in BIND saves nine appeared first on Software Integrity Blog.

How to cybersecurity: Heartbleed deep dive

Over seven years later, the Heartbleed vulnerability still offers important lessons in application security. The post How to cybersecurity: Heartbleed deep dive appeared first on Software Integrity Blog.