- December 1, 2015 | By Caleb Fenton
A few weeks ago, I wrote about the recent Apache Commons Collections deserialization vulnerability in Let’s Calm Down About Apache Commons Collections. I said we were going to look into finding other libraries that were also vulnerable. In this post, I publish the findings and conclusions. Then I…Read Article
- November 17, 2015 | By Caleb Fenton
On November 6th, 2015, a blog post was published with the title "What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability". The post describes how several popular applications are exploitable via a Java deserialization vulnerability discovered by…Read Article
- November 3, 2015 | By Caleb Fenton
Understanding and configuring HTTP security settings can be confusing. There are lots of guides that serve as great technical references for all the different settings, but the purpose of this post is to explain what we have learned implementing a security policy by explaining the various security…Read Article
Application Security Tool Kit
Love to learn about Application Security?
Get all the latest news, tips and articles delivered right to your inbox.
No thanks, back to the article please.