AppSec Observer: unsafe deserialization

Contrast's application security blog provides the latest trends and tips in DevSecOps through instrumentation and security observability.

Subscribe Now

Topics

Thought Leaders
Application Security
Contrast News
DevOps
AppSec
vulnerabilities
Hacked
Threat
Runtime Security
cyberattacks
API security
DevSecOps
ADR
Product
cybersecurity
Contrast Protect
RASP
Contrast Assess
AI
Application Detection and Response (ADR)
Security
CodeSec
MFA
incident response
APIs
Metrics
cybersecurity awareness month
CVE
OSS
data breach
ransomware
2FA
CISA
IAST
threat detection
vulnerability
CISO
SCA
passwords
runtime protection
SOC
WAF
application attacks
regulation
transparency
AWS
CISOs
Contrast Scan
JavaScript
Log4j
MTTR
SAST
SQL injection
Vulnerability Management:
application layer
backlog
threat modeling
.Net
Application Layer Security
GitHub
Log4Shell
OpenSource
SIEM
Security Observability
Threat Detection and Response
XSS
attack
breach
critical infrastructure
cyberespionage
cybersecurity incident reporting
observability
path traversal
risk management
scan
software development
unsafe deserialization
zero-day
AST
Awards
CISO Insights
ChatGPT
Cloud security
Community Edition
Contrast ADR
Contrast SCA
Cybersecurity Risk Management
DBIR
DHS
EDR
Gen AI
KVE
Log4Shell attacks
Log4Shell exploit
Log4j vulnerability
NIST CVE Backlog
OpenAI
RSA
React
Runtime Application Security
Security Operations Center (SOC)
Security Vulnerability Management
Splunk
Threat Intelligence
Web Application Firewall (WAF)
artificial intelligence
awareness
chat apps
cybercrime
cybersecurity culture
data privacy week
detection
detection response
extended detection response
financial institutions
financial sector
jQuery
malware
method tampering
okta
python
remediation
sbom
secure by design
security culture
security monitoring
shift smart
supply chain
vulnerability detection
vulnerability disclosure
workplace
zero days
.NET application
.Net
ADR (Application Detection and Response)
AI Act
AI Assistants (Attack Tools)
AI censorship
AI-powered security remediation
Angular
Application Security (AppSec)
Architecture design
Article 25
Attack Detection and Response (ADR)
Attack Trends
Attacks
Below the Waterline
CFO
CISA Log4Shell
CISA Vulnrichment
CNAPP
CSRF
CVE Enrichment
CVE-2021-44228
CVSS Scores
Chris Hughes
Cloud Native Security
Cloud platform protection
Console
Contrast AI remediation
Contrast One
Crisis simulations
Cross-site scripting
Cyber Bank Heists
Cybersecurity Collaboration
Cybersecurity Funding
Cybersecurity ROI
Cybersecurity tools
DAST
DORA
Data protection
DeepSeek AI
Dependabot
Developers
Digital Operational Resilience Act
Drupal
EL injection
EU Product Liability Directive (PLD)
Encryption
European Commission Amendments
European Union
False Positives
Gartner Peer Insights
Genie
Git
GitHub Action
GitLab
Go
Google
Government surveillance
HIPAA
HIPAA Amendments
Healthcare Cybersecurity
How to comply with SEC cybersecurity rules
Incident Response challenges with CVE backlog
Intelligent remediation guidance
Intrusion Detection Systems
IoT
KEV catalog
Known Exploited Vulnerabilities
LLMs
Log4Shell remediation
Log4Shell vulnerability
Log4j remediation
MITRE ATT&CK
MLflow
MOVEit
Managed Security Services
Managed security service providers
Microsoft
Multifactor Authentication
Namasday
National security
Netflix
Node.js
Open source security risks
OpenSourceSoftware
PATs
Perimeter defenses
Protect data
RCA
RCE
Real-Time Threat Detection
Regulation (EU) 2022/2554
Risk assessment
Ruby
Runtime Application Security Protection (RASP)
SEC
SEC compliance
SEC cybersecurity compliance
SEC disclosure rules
SOAR
SOC (Security Operations Center)
SOC incident response
SecOps
Secure from within
Security controls
Security engineering
Serialized Data
Software Compliance EU
Software Composition Analysis (SCA)
Software Defects and Compensation
Software Security Liability
Software supply chain security
Third-party software vulnerabilities
TypeScript
WAF (Web Application Firewall)
Zero-Day Exploits
Zero-Day Exploits Liability
agents

10 April 2025

Monthly ADR Report: Untrusted deserialization tops March’s application attacks chart

Cyberattackers are shifting their strategy in attacking applications and focusing on one of the most dangerous tactics...

Contrast research: December saw deserialization application attacks surge.

14 January 2025

Silent but deadly: December sees deserialization attacks surge despite overall lull in app attacks

Attacks on individual applications were down month to month in December 2024, but one of the most dangerous types of..

17 September 2024

August attack data: A look beyond the numbers

The Contrast Security Runtime Security Platform — the engine that underpins Contrast’s Application Detection and..

BY USE CASE

BY DEPARTMENT

BY INDUSTRY

GITHUB ACTIONS BLOG SERIES, PART 1: PIPELINE NATIVE CODE ANALYSIS

Contrast Security recognized as a Visionary by Gartner in Application Security Testing.

Contrast Incident Response Hub

AppSec Observer: unsafe deserialization

Monthly ADR Report: Untrusted deserialization tops March’s application attacks chart

Silent but deadly: December sees deserialization attacks surge despite overall lull in app attacks

August attack data: A look beyond the numbers

BY USE CASE

BY DEPARTMENT

BY INDUSTRY

GITHUB ACTIONS BLOG SERIES, PART 1: PIPELINE NATIVE CODE ANALYSIS

Contrast Security recognized as a Visionary by Gartner in Application Security Testing.

Contrast Incident Response Hub

AppSec Observer: unsafe deserialization

Monthly ADR Report: Untrusted deserialization tops March’s application attacks chart

Silent but deadly: December sees deserialization attacks surge despite overall lull in app attacks

August attack data: A look beyond the numbers

Loving our content? Subscribe now!