Veracode

Veracode

By embedding into your existing software development workflow, Veracode ensures that security assessments and vulnerability remediations are completed during logical points throughout your development cycle.

Stay up to date on Application Security

Posts by Veracode
  • Spring Framework Remote Code Execution…
    March 31, 2022 | By The Veracode Research Team

    Details of a zero-day vulnerability in Spring Framework were leaked on March 29, 2022 but promptly taken down by the original source. Although much of the initial speculation about the nature of the vulnerability was incorrect, we now know that the vulnerability has the potential to be quite…

    Read Article
     
  • A Review of Log4Shell Detection Methods
    December 22, 2021 | By The Veracode Research Team

    Ever since the public exploit of the Log4Shell remote code execution (RCE) vulnerability became known on December 10, 2021, security teams have been scrambling to understand the risk to their environments. Part of that scramble has been to ascertain which tools are best positioned to help detect …

    Read Article
     
  • The Good, the Bad, and The Ugly:…
    December 17, 2021 | By The Veracode Research Team

    Why is OWASP a Good Framework The Open Web Application Security Project (OWASP) is a nonprofit organization with the purpose to help secure software. They provide data that can give engineering and security teams a better idea of where the most common risks may lie. The 2021 OWASP Top 10, released…

    Read Article
     
  • URGENT: Analysis and Remediation…
    December 10, 2021 | By The Veracode Research Team

    Updates: 30-Dec-2021: Clarified attack scenario for Log4j 1.x CVE-2021-4104 29-Dec-2021: Updated remediation guidance to include CVE-2021-44832 22-Dec-2021: Added details for the latest version of Log4J for Java 6 and Java 7 20-Dec-2021: Updated Am I affected, Remediation and Off-the-Shelf sections…

    Read Article
     
  • Recent Updates to the OWASP Top Ten Web…
    November 10, 2021 | By The Veracode Research Team

    The Open Web Application Security Project (aka OWASP) recently announced its latest updates to the venerable OWASP Top Ten list. This publication is meant to bring attention to the most common classes of software-related security issues facing developers and organizations in the hopes of helping…

    Read Article
     

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

Subscribe Now!