AppSec Blog

Application Security news, research, vulnerabilities, DevSecOps, CI/CD tooling, hacking and more

Vulnerabilities

Post Mortem on Log4J

The purpose of any post mortem is to look into the past in order to find ways to prevent similar issues from happening again, and

AppSec Testing

OWASP ZAP: 8 Key Features and How to Get Started

What is OWASP ZAP? OWASP Zed Attack Proxy (ZAP) is a free security tool actively maintained by international volunteers. It automatically identifies web application security

News

Safety and Preparation for Hacker Summer Camp

Every August, hackers descend onto Las Vegas, Nevada to participate in #HackerSummerCamp, a combination of multiple cyber security/hacker events that occur simultaneously. There are several

Vulnerabilities

SSRF Attack: Impact, Types, and Attack Example

What Is SSRF Attack? Web applications often trigger requests between HTTP servers. These requests are typically used to fetch remote resources such as software updates,
