AppSec Observer

Traditional AppSec Code Halts Kill DevOps Release Cycles

In recent years, the application security (AppSec) field has not advanced as rapidly as the software development..

Tips and Tactics for Creating Your Own Capture-the-Flag Event

Making Security Awareness Fun Is your security awareness training program effective and making a difference? Does it..

State-of-the-Art AppSec Goes Beyond Perimeter Into Application Runtimes

When it comes to protecting running applications, traditional defenses that sit on the perimeter lack effective..

Incident Response Requires a New AppSec Model

Incident response found its way into our technological vernacular back in 1988 when the first internet worm—dubbed “The..

Contrast Labs: CVE-2020-11444: Privilege Escalation Vulnerability in Sonatype Nexus Repository Manager

In this time of COVID-19, social distancing, stay at home, shelter in place, and all the other things that force us to..

What Vulnerabilities and Attacks Matter? Insights from Contrast Labs’ AppSec Intelligence Report

The threat landscape is constantly evolving, growing in sophistication as well as volume and velocity. This presents..

Videoconferencing Is Being Weaponized, Tips on Making Your Meetings More Secure

Zoom, the videoconferencing application that has grown from 10 million users in December to over 200 million today (an..

How Hackers Are Exploiting COVID-19 and What Organizations Can Do About It

Now that many people are working from home due to the coronavirus disease (COVID-19), businesses are facing..

Contrast Labs: Google Sheets Stored XSS Vulnerability in COVID-19 Table