Blog Archive

Vulnerability Insights

77% of 433,000 sites use vulnerable JavaScript libraries

November 21, 2017

DevSecOps

Exposed or not, vulnerabilities are dangerous

November 8, 2017

Vulnerability Insights

Open source vulnerabilities tripped Equifax, how can you defend yourself?

September 11, 2017

Vulnerability Insights

XSS Attacks: The Next Wave

June 8, 2017

Vulnerability Insights

Which of the OWASP Top 10 Caused the World’s Biggest Data Breaches?

May 10, 2017

Vulnerability Insights

77% of sites use at least one vulnerable JavaScript library

March 29, 2017

Vulnerability Insights

Type Manipulation: Escaping Template Sandboxes

March 21, 2017

Vulnerability Insights

Fixing a Prototype Override Protection Bypass Vulnerability in qs

March 14, 2017

Vulnerability Insights

The Frequency of Known Vulnerabilities in JavaScript Libraries

March 9, 2017

Vulnerability Insights

Fixing XXE Vulnerabilities in Nokogiri

February 14, 2017

Vulnerability Insights

Understanding Responsible Disclosures

January 31, 2017

Vulnerability Insights

Regular Expression Denial of Service (ReDoS) and Catastrophic Backtracking

January 17, 2017

Vulnerability Insights

The MongoDB hack and the importance of secure defaults

January 10, 2017

Vulnerability Insights

Fixing a Remote Code Execution Vulnerability in EJS

November 30, 2016

Vulnerability Insights

Fixing Serverless Security Vulnerabilities

October 20, 2016

Vulnerability Insights

Fixing SQL Injection: ORM is not enough

June 8, 2016

Vulnerability Insights

Fixing `marked` XSS vulnerability

May 15, 2016

Vulnerability Insights

Mitigating ImageMagick vulnerabilities in Node.js

May 6, 2016

Vulnerability Insights

Exploiting Buffer

April 5, 2016

Vulnerability Insights

How to prevent malicious packages

March 27, 2016

Vulnerability Insights

Using Node.js event loop for timing attacks

February 16, 2016