APPSEC OBSERVER

The latest trends and tips in DevSecOps through instrumentation and Security Observability.

Subscribe To Blog

Ian Mangan, Associate Engineer

Ian is a software development and security enthusiast who loves to learn all he can about how to design secure systems and how to break systems designed by others. Outside of work, he enjoys playing games with friends, cooking/baking, and spending time with family.

Contrast Labs: Apache Struts CVE-2020-17530

On December 8, 2020, Apache published a security bulletin providing details for CVE-2020-17530, a forced double Object-Graph Navigation Language (OGNL) evaluation vulnerability in Apache Struts 2.0.0 to 2.5.25 that provides attackers arbitrary..

Continue Reading >>

SUBSCRIBE TO THE BLOG