Unnecessary Risk: The Persistence of Open Source Vulnerabilities

Log4Shell was supposed to be the wake-up call that changed everything. Four years later, the data says otherwise ...
Log4j Vulnerability Guide: Detection and Remediation | Contrast

TL;DR Traditional security tools generate overwhelming false positives because they cannot tell which Log4j vulnerabilities are actually exploitable. This guide explains why IAST runtime detection provides accurate results and how ADR blocks ...
How Hackers Exploit Software Vulnerabilities

Exploits Explained: How Log4j, Buffer Overflows and Other Exploits Work

How Exploits Work In cybersecurity, the term “exploit” is used to represent a piece of code, data or sequence of commands that takes advantage of a vulnerability. This code is usually broken ...
Unsafe Deserialization Attacks Surge | December Attack Data | Contrast Security

Attacks on individual applications were down month to month in December 2024, but one of the most dangerous types of attacks was up significantly. That’s according to data Contrast Security publishes monthly ...
Anatomy of an Attack | ADR vs WAF and EDR Technology | Contrast Security

In today's rapidly evolving cyber threat landscape, organizations face increasingly sophisticated attacks targeting their applications. Understanding these threats and the technologies designed to combat them is crucial. This article delves into the ...
Top 4 Application Attacks Detected and Blocked by Contrast ADR | XSS, Method Tampering, Path Traversal and JNDI Injection | Contrast Security

The Contrast Security Runtime Security Platform — the engine that underpins Contrast’s Application Detection and Response (ADR) technology — blocked approximately 47K cybersecurity attacks during the month of August 2024.  ...

Known Vulnerabilities Drove Most Cyberattacks in 2022

New research revealed an all-too-familiar theme: Known vulnerabilities for which patches have been issued were the main way threat actors executed cyberattacks in 2022. “The data highlights that long-known vulnerabilities frequently cause ...
Security Boulevard

Fast Facts: How to Find and Fix the Log4j Vulnerability in Under 2 Minutes

Many organizations still need to find the Log4j vulnerability in their environment and address the risk. The news about Log4Shell, the vulnerability impacting the Apache Log4j software library, first burst onto the ...

Where is Your Risk? Vulnerabilities in Open Source Software

The first post of this series on the software-related risks organizations are facing looked at vulnerabilities introduced in development. In this post we look at the risks of open source vulnerabilities. Organizations ...