AppSec Blog

Application Security news, research, vulnerabilities, DevSecOps, CI/CD tooling, hacking and more


7 SSRF Mitigation Techniques You Must Know

What is SSRF? Server-side request forgery (SSRF) attacks allow an attacker to trick server-side applications into allowing access to the server or modifying files. SSRF

Post Mortem on Log4J

The purpose of any post mortem is to look into the past in order to find ways to prevent similar issues from happening again, and

AppSec Testing

OWASP ZAP: 8 Key Features and How to Get Started

What is OWASP ZAP? OWASP Zed Attack Proxy (ZAP) is a free security tool actively maintained by international volunteers. It automatically identifies web application security


Safety and Preparation for Hacker Summer Camp

Every August, hackers descend on Las Vegas, Nevada to participate in #HackerSummerCamp, a combination of multiple cyber security/hacker events that occur simultaneously. There are several


SSRF Attack: Impact, Types, and Attack Example

What Is SSRF Attack? Web applications often trigger requests between HTTP servers. These requests are typically used to fetch remote resources such as software updates,

© 2022 Bright Security Inc. All Rights Reserved