APPSEC OBSERVER

The latest trends and tips in DevSecOps through instrumentation and Security Observability.


XML External Entity (XXE) Pitfalls With JAXB

The Java XML Binding (JAXB) runtime that ships with OpenJDK 1.8 uses a default configuration that protects against XML external entity (XXE) attacks. Contrast researched this secure default configuration and found that developers should not rely..


Contrast Labs: Blocking Spring View Manipulation Attacks

 


WHY OBSERVABILITY IS THE NEXT BIG THING IN SECURITY

Accelerate cloud migrations with security observability across your development life cycle.


Contrast Labs: Apache Struts CVE-2019-0230 and How to Block Attacks

Note: Special thanks to Alvaro Muñoz (https://twitter.com/pwntester) for correcting us on some very important technical facts in our original copy of this blog.


Contrast Application Security Platform Accepted Into Department of Defense Platform One

The U.S. Department of Defense (DoD) takes cybersecurity to new levels. Platform One, a program based out of the U.S. Air Force Office of the Chief Software Officer, builds and secures technology tools across the military that are used to “guide,..


What Role Should Social Media Play in Discovering Vulnerabilities?

New research from the Pacific Northwest National Laboratory (PNNL) Data Sciences and Analytics Group shows that 25% of vulnerabilities appear on social media before the National Vulnerability Database (NVD). And it takes an average of nearly 90..


The Risks Associated with OSS and How to Mitigate Them

By Joe Coletta, August 11, 2020
OSS

Open source has become nearly ubiquitous with Agile and DevOps. It offers development teams the ability to quickly and easily scale their software development life cycles (SDLC). At the same time, open-source software (OSS) components can..


Application Vulnerabilities Spike, .NET Applications Appear in the Attack Crosshairs

COVID-19 transformed businesses overnight. Suddenly, more than half of the workforce found themselves working from home and most businesses could no longer meet with customers and prospects in person. Those with mature digital strategies had a..

How to Accurately and Continuously Identify and Remediate OSS Library Risks

 


Cyberattacks on Applications Grow Exponentially, Pose Serious Risk

The need for digital engagement with customers, partners, and employees has never been greater than it is today. Most organizations were already in varying stages of digital adoption when the pandemic hit. Suddenly, businesses of all sizes..

