Zero-Day Snafus — Hunting Memory Allocation Bugs

Zero-Day Snafus — Hunting Memory Allocation Bugs

Zero-Day Snafus — Hunting Memory Allocation BugsPrefaceLanguages like C/C++ come with the whole “allocation party” of malloc, calloc, zalloc, realloc and their specialized versions kmalloc etc. For example, malloc has a signature void *malloc(size_t size) which means one can request an arbitrary number of bytes from the heap and the function returns ... Read More
Efficiently Testing Pipelined Microservices

Efficiently Testing Pipelined Microservices

Behind the magically populating dashboards of ShiftLeft lies a complex web of services. We have the state-of the art code property graph generation and querying systems that run on each incoming code artifact, squeezes the security DNA from it and uses it at runtime for providing immediate value of identifying ... Read More
Gracefully Protecting Rapid Software Deployments

Gracefully Protecting Rapid Software Deployments

Gracefully Protecting Rapid Software Deployments — Part IPrologueSoftware has changed. What used to be monolithic services on the backend are now the massive deployments of microservices that constantly are spawned up and torn down with shifting workload needs. They no longer run in controlled environments you provision, but in-turn run on VMs ... Read More