AppSec Observer

Contrast's application security blog provides the latest trends and tips in DevSecOps through instrumentation and security observability.

    First-of-its-kind Cyber Security Product Unifies Vulnerability Detection & Attack Protection

    Contrast Introduces Continuous Application Security Contrast Security, the next generation leader in finding..

    How to Get Started in Application Security

    My OWASP Cheat Sheet for Cross-site Scripting (XSS) just passed 1M views, and I'm proud of that. It ain't Shakespeare,..

    Contrast Security honored as Best of Breed winner in the 4th Annual 2016 Cyber Defense Magazine Infosec Awards in Application Security

    Recognizing Innovation During the RSA® Conference 2016 Palo Alto, Calif. – February 29, 2016 - Contrast Security, the..

    Serialization Must Die: Act 2: XStream (Jenkins CVE-2016-0792)

    NOTE: Before you begin reading, you may want to visit the first article in this series: Serialization Must Die: Act 1:..

    Serialization Must Die: Act 1: Kryo

    When @frohoff, @gebl and @breenmachine all combined to melt Java security (in what I’m hereafter conflating under the..

    Third-Party Software Library and Airbag Grenades

    Recently Contrast Security ran some analysis of our customers’ 3rd party software usage, which is a huge security blind..

    A New, Open Source Tool Proves: Even After Patching, Deserializing Will Still Kill You

    With all the talk about Java serialization vulnerabilities, I thought I'd share a new, open source tool I built for you..

    Point of View: Congress Ironically Hacks CISA into "Must Pass" Omnibus Spending Bill -- Destroys Privacy

    The most recent omnibus spending bill now includes the Cybersecurity Information Sharing Act of 2015. This bill..

    My Top 5 Cyber Security Predictions for 2016

    It's that time of year for my top predictions for 2016. And, let's review how well I did for 2015: My 2016 predictions..