CyRC Case Study: Securing BIND 9

Learn how you can improve your application security posture by adopting best practices from the BIND 9 team. The post CyRC Case Study: Securing BIND 9 appeared first on Application Security Blog.
CyRC Vulnerability Analysis: CVE-2022-1271 in gzip, but it’s not as bad as it sounds

CVE-2022-1271 is a new vulnerability affecting gzip, a widely used open source component for archiving, compressing, and decompressing files. The post CyRC Vulnerability Analysis: CVE-2022-1271 in gzip, but it’s not as bad as it sounds appeared first on Software Integrity Blog.
CyRC Vulnerability Analysis: Two distinct Spring vulnerabilities discovered – Spring4Shell and CVE-2022-22963

Two vulnerabilities affecting different Spring projects were identified this week. Here’s what you need to know about Spring4Shell and CVE-2022-22963.
How to cybersecurity: Software supply chain security is much bigger than you think

Managing the risks of your software supply chain requires more than a basic understanding of the software components that make up your applications.
How to cybersecurity: Gravity is a harsh mistress

Knowledge alone isn’t enough to manage vulnerabilities. Developers need to be part of a proactive security process with integrated AppSec tools.
How to cyber security: Software supply chain risk management

Effective software supply chain risk management requires security measures throughout the entire supply chain.
A stitch in BIND saves nine

A vulnerability was discovered in the named DNS server implementation contained in the development branch builds of BIND 9.
How to cybersecurity: Heartbleed deep dive

Over seven years later, the Heartbleed vulnerability still offers important lessons in application security.
How to cyber security: Butter knives and light sabers

Building an effective application security program for your organization begins with establishing policies and processes.
How to cyber security: Invisible application security

Invisible application security is the concept of integrating and automating AppSec testing with little interruption to developer workflows.