The Current Application Security Problem, Here’s What Our Community Thinks
As developers, security experts, and team leads we are constantly thinking about or asking how we can avoid the next big data breach? Is the
June 10, 2020
Get the latest on secure development, security attacks, news, and new product features.
The reshift IntelliJ plugin enables developers to find vulnerabilities in their own custom code and help them remediate with rich issue descriptions within the IDE.
A series on best practices, new tools, and talks from industry experts every Friday.
As developers, security experts, and team leads we are constantly thinking about or asking how we can avoid the next big data breach? Is the
As Covid-19 increases remote working and organizational concerns about security, Reshift’s “10 Weeks to Zero Vulnerabilities” webinar series is gathering security experts, software developers and
The best way to solve the software security problem is when and where it starts, right at the software creation phase. Solving the problem after
The best way to solve the software security problem is when and where it starts, right at the software creation or as close to the
Security and the Evolution of Software Development Speed Speed is critical in software development. Speed gives software companies the agility and maneuverability needed to navigate
11.7 seconds, that is how often the team of engineers are deploying code everyday at Amazon. Companies like Amazon and Netflix are releasing thousands of
LDAP Injection attacks are popular due to the common use of LDAP to authenticate user. The Lightweight Directory Access Protocol (LDAP) origins started with the
Extensible Stylesheet Language Transformations (XSLT) is a transformation language that ingests an XML document and transforms that document into another XML document. If an attacker
Java Server Pages(JSP) currently can define tag definitions through the Standard Tag Library (JSTL). One of the tag functions is the ability to disable escapeXml
Occurs when untrusted data is sent to an interpreter as part of a command or query which can execute unintended commands or access unauthorized data.
A result of an inadequately developed login pages, authentication logic, backdoor, custom session management or authentication scheme.
Attackers steal keys, execute man-in-the-middle attacks, or steal clear text data off the server, while in transit, or from the user’s client
