AppSec Testing
Complete your AppSec testing Automation, with Bright
The shift to rapid, frequent deployments over the past decade left application security behind. However, in recent years security is starting to catch up. Leading
April 13, 2021
AppSec Blog
Application Security news, research, vulnerabilities, DevSecOps, CI/CD tooling, hacking and more
AppSec Testing
Using FOSSA? Complete your AppSec testing automation with Bright
As security testing is increasingly shifting left, developer focused application security testing tools are bridging the gap between engineering and security. But automated tools are
April 8, 2021
AppSec Testing
Shopping for an AppSec testing solution? Here is what to consider
Let’s face it – whether you are checking your emails, banking online , shopping for new shoes, or doing serious business, there is a very
April 6, 2021
AppSec Testing
Using Snyk? Complete your AppSec testing Automation, with Bright
Security is no longer a siloed team with sole ownership of security testing – security testing is increasingly shifting left. Instead of developers being brought
March 23, 2021
AppSec Testing
Penetration Testing Tools: 10 Tools to Supercharge Your Pentests
What are Penetration Testing Tools? Penetration testing (pentesting) is a simulated attack launched for the purpose of uncovering security vulnerabilities. A pentest helps organizations discover
February 25, 2021
How-To
Web Application Penetration Testing: A Practical Guide
What is Web Application Penetration Testing? Web application penetration testing, also known as pentesting, simulates attacks against your web applications, to help you identify security
February 25, 2021
AppSec Testing
Penetration Testing Services: Manual or Automated?
What are Penetration Testing Services? Penetration testing (also called pentesting) is a controlled attempt to breach IT systems. Penetration testing is performed on behalf of
February 24, 2021
News
Welcoming Industry Veterans to Our Newly-Formed Board
I’m thrilled to announce our newly-formed industry advisory board and welcome to it two luminaries of the industry, each bringing their own unique perspective. They
February 18, 2021
Vulnerabilities
CSRF Attacks: Real Life Attacks and Code Walkthrough
What is CSRF Attack? Cross-Site Request Forgery (CSRF) attacks execute unauthorized actions on web applications, via an authenticated end-user’s connection. Threat actors typically use social
February 17, 2021
AppSec Testing
What is the most Important feature of your DAST Tool?
If you’re anything like me, you’re already thinking about what you might want for Christmas (or Chanukah, or Eid – other High Holy days are
February 11, 2021
AppSec Testing
How often are you testing for Application vulnerabilities?
Whether you are just starting your DevOps journey, or are fine tuning your processes as you mature, with CI/CD and easy deployment of new microservices,
January 27, 2021
Vulnerabilities
Everything you need to know about Prototype Pollution
Intro Prototype Pollution is a vulnerability that allows attackers to exploit the rules of the JavaScript programming language, by injecting properties into existing JavaScript language
January 20, 2021
AppSec Testing
Size may not matter…but in DevSecOps, frequency certainly does!
With applications driving the global economy, developers are under pressure to deliver software and more features at an unprecedented scale and speed. While no developer
December 17, 2020
AppSec Testing
Putting the Sec in DevSecOps
Last week I had the pleasure of presenting at the Pittsburgh Cybersecurity day in partnership with ISACA. It was exciting to see more than 250
December 14, 2020
AppSec Testing
DevSecOps Tooling Best Practices
DevOps teams have become successful in releasing code at speed, whether for webapps or APIs, but with the lack of testing automation, are releasing vulnerabilities
November 27, 2020
© 2022 Bright Security Inc. All Rights Reserved