AppSec Observer

Contrast's application security blog provides the latest trends and tips in DevSecOps through instrumentation and security observability.

    Contrast Security honored as Best of Breed winner in the 4th Annual 2016 Cyber Defense Magazine Infosec Awards in Application Security

    Recognizing Innovation During the RSA® Conference 2016 Palo Alto, Calif. – February 29, 2016 - Contrast Security, the..

    Serialization Must Die: Act 2: XStream (Jenkins CVE-2016-0792)

    NOTE: Before you begin reading, you may want to visit the first article in this series: Serialization Must Die: Act 1:..

    Serialization Must Die: Act 1: Kryo

    When @frohoff, @gebl and @breenmachine all combined to melt Java security (in what I’m hereafter conflating under the..

    Third-Party Software Library and Airbag Grenades

    Recently Contrast Security ran some analysis of our customers’ 3rd party software usage, which is a huge security blind..

    A New, Open Source Tool Proves: Even After Patching, Deserializing Will Still Kill You

    With all the talk about Java serialization vulnerabilities, I thought I'd share a new, open source tool I built for you..

    Point of View: Congress Ironically Hacks CISA into "Must Pass" Omnibus Spending Bill -- Destroys Privacy

    The most recent omnibus spending bill now includes the Cybersecurity Information Sharing Act of 2015. This bill..

    My Top 5 Cyber Security Predictions for 2016

    It's that time of year for my top predictions for 2016. And, let's review how well I did for 2015: My 2016 predictions..

    Why the Java serialization vulnerability makes Heartbleed look tame - explained

    I've been receiving questions from some of you to provide a bit more detail on why this Java vulnerability is so..

    How to protect your Apps from the Java Serialization Vulnerability

    A widespread vulnerability in Java environments leaves thousands of businesses seriously exposed. Despite lacking a..