News
The Future is Bright
Today we are announcing an additional $20 million in funding to fuel our growth and continue to help organizations (and their software developers) secure their
March 1, 2022
AppSec Blog
Application Security news, research, vulnerabilities, DevSecOps, CI/CD tooling, hacking and more
Vulnerabilities
Code Injection in Javascript: Prevention and Remediation
What is Code Injection in Javascript? Code Injection is a common vulnerability that occurs when an attacker is able to inject malicious snippets of code
March 1, 2022
How-To
Pen Testing with Python: Pros and Cons
What is Pen Testing? Pen Testing is a process of protecting your system from cyber attacks. This is achieved by executing various malicious programs in
March 1, 2022
AppSec Testing
Penetration Testing in AWS: Can You Test Your Cloud?
What Is AWS Penetration Testing? Penetration testing typically involves an ethical hacker looking for network vulnerabilities that a malicious hacker could exploit. These tests provide
February 10, 2022
AppSec Testing
SQL Injection in Oracle: Examples and Prevention
What is SQL Injection and Can it Happen in an Oracle Database? Unfortunately, the quick answer is a resounding YES – Oracle databases are by
February 10, 2022
AppSec Testing
6 CSRF Protection Best Practices You Must Know
What is Cross Site Request Forgery (CSRF)? A CSRF attack can force a user to perform unwanted actions on a web application. CSRF assumes that
February 4, 2022
Vulnerabilities
Directory Traversal Mitigation: How to Prevent Attacks
In a directory traversal attack, a malicious user utilizes directory traversal attempts to gain access to files on the server they shouldn’t have access to.
February 4, 2022
Vulnerabilities
Code Injection in Brief: Types, Examples, and Mitigation
What Is Code Injection? Code injection refers to attacks that involve injecting malicious code into an application. The application then interprets or executes the code,
January 31, 2022
AppSec Testing
Avoiding Security Incidents with a Dev-First AppSec Program
Did you miss our webinar on ‘Avoiding Security Incidents with a Dev-First AppSec Program’?Don’t worry; it’s available on-demand! Renowned security expert Ofer Maor and Bright’s
January 26, 2022
Updates
Product Update – January 2021
A lot is happening with Bright! Here are some updates and new features that will make your experience even better. New Features Introducing a new
January 25, 2022
Vulnerabilities
Stored XSS: Impact, Examples, and Prevention
What Is Stored XSS (Cross Site Scripting)? XSS is an attack technique that injects malicious code into vulnerable web applications. Unlike other attacks, this technique
January 24, 2022
AppSec Testing
Snyk CLI Quick Guide: Installation and Common Commands
What Is Snyk CLI? Snyk is a popular security testing platform for developers. The Snyk Command Line Interface (CLI) lets you introduce Snyk functionality into
January 17, 2022
AppSec Testing
8 Great Snyk Alternatives
What is Snyk? Snyk is an application security testing tool that lets you identify and remediate vulnerabilities in open source components, proprietary source code, containers,
January 13, 2022
AppSec Testing
7 Open Source Pentesting Tools and When To Use Them
What is Pentesting and what are Pentesting tools? The goal of pentesting (penetration testing) is to detect security vulnerabilities by utilizing specific processes, tools and
January 10, 2022
Vulnerabilities
XSS Attack: 3 Real Life Attacks and Code Examples
What is an XSS Attack? A cross-site scripting (XSS) attack injects malicious code into vulnerable web applications. XSS does not target the application directly. Instead,
January 10, 2022
© 2022 Bright Security Inc. All Rights Reserved