Introducing Ruzzy, a coverage-guided Ruby fuzzer

By Matt Schwager

Trail of Bits is excited to introduce Ruzzy, a coverage-guided fuzzer for pure Ruby code and Ruby C extensions. Fuzzing helps find bugs in software that processes untrusted input ...

Application Security for Dummies: The Only Way Forward

To improve application security, we must make security so stupid that anyone can do it, and that applies up and down the stack ...
Security Boulevard
Workshop: Custom Security Tests for API Security

Workshop “How to write custom security tests” – Main Takeaways

Discover the main takeaways from our latest workshop on how to write custom security tests for API security ...

Why security engineers need a new approach to identify business logic flaws

Learn why security engineers need a new approach to identify business logic flaws ...

The art and science of product security: A deep dive with Jacob Salassi

Discover the main takeaways from our conversation on product security with Jacob Salassi, Director of Product Security at Snowflake ...

Bridging the Gap: Integrating SOCs into Application Security for Enhanced Cyber Resilience

Historically, Security Operations Centers (SOCs) and Application Security (AppSec) programs have operated as distinct entities within the broader cybersecurity framework of an organization. SOCs have been the stronghold of real-time threat detection, ...

Understanding the OWASP API Security Top 10: Why BOLA is the Number One Risk for APIs

Understanding and addressing vulnerabilities is critical in cybersecurity, where APIs serve as the backbone for seamless data exchange. The OWASP API Security Top 10, revised in 2023, provides a comprehensive guide to ...

Navigating SAP Security Notes: March 2024 Patch Tuesday

SAP published ten new and two updated Security Notes for March 2024 Patch Tuesday. Compared to February’s SAP Security Patch Day release, this month’s release contains a similar number of patches but with ...

Out of the kernel, into the tokens

By Max Ammann and Emilio López

Our application security team leaves no stone unturned; our audits dive deeply into areas ranging from device firmware, operating system kernels, and cloud systems to widely ...

Pathlock Announces Release of First-of-its-Kind SAP Cybersecurity Product

Pathlock is pleased to announce the launch and general availability of its Cybersecurity Application Controls (CAC), the first-ever SAP cybersecurity product designed to safeguard business data from breaches and exploitation. This innovative ...