WebStrike SAST tool from DefenseCode

Identifying Client-Side JavaScript Security Vulnerabilities in SAPUI5 Applications Using SAST

Thursday, March 25, 2021

1. JavaScript Client-Side Frameworks These days you can find various popular JavaScript frameworks for creating interactive, eye catching and responsive frontends and user interfaces for your applications. Some of the most popular JavaScript frontend frameworks include Angular, React, Vue.js. Security controls implemented in these frameworks can vary significantly from framework to framework. As frameworks mature, …

software security - DevSecOps

Tainted Data and Format String Attack Strike Again

Monday, September 09, 2019

A recent code execution vulnerability (we also call this a code injection vulnerably) was discovered in Palo Alto Networks’ GlobalProtect SSL VPN, a product that handles SSL handshakes and in particular, certain versions of the software running on these products, PAN-OS. The vulnerability was discovered by security researchers Orange Tsai and Meh Chang and documented on their blog. …