Application Security: The Most Overlooked Server Permission Checks (June 23rd, 2022). We previously looked at common server authentication issues we see in code review and offered...
Application Security: Severe Confluence Vulnerability is an Active Threat (CVE-2022-26134) (June 6th, 2022). Background: The vulnerability allows unauthenticated remote code execution (RCE). Exploitation occurs by sending an HTTP...
Application Security: 5 Ways I Provide Value as a PullRequest Reviewer When I Start Reviewing a New Project (May 24th, 2022). As shown in Figure 1 below, even early reviews can provide value. Catching Security Vulnerabilities...
Application Security: Why HackerOne Acquired Pull Request and What It Means for Our Customers (May 3rd, 2022). Security vulnerabilities are a significant workflow disruption when discovered near the end of development. Vulnerabilities...
Best Practices, Application Security, Vulnerability Management, Bug Bounty: How Wix Improves Their Security Posture with Ethical Hackers (April 21st, 2022). Reducing risk is fundamental to Wix’s approach to cybersecurity, and as the threat landscape evolves...
Application Security: The Top 5 Cloud Security Risks: How Hacker-Powered Security Can Help (September 21st, 2021). Software Supply Chain Attacks Are On the Rise: Because open source component use is widespread...
Application Security, Vulnerability Management, Vulnerability Disclosure Program: The DOD Improves Their Security Posture Through the DIB-VDP (August 20th, 2021). Who is DC3’s DCISE? Krystal Covey: The Defense Collaborative Information Sharing Environment (DCISE) is the...
Application Security: How the Industry’s First Hacker-Powered API Helps Hackers Automate Workflows (July 15th, 2021). Today, HackerOne is launching the industry’s first hacker API. This release is now out of...
Application Security: Spotlight on the Server-Side (May 25th, 2021). Server-side request forgery (or SSRF) vulnerabilities can lead to total system compromise and allow access...