How Lattix handled the Log4j security vulnerability

Thursday, March 03, 2022

“The log4j vulnerability is the most serious vulnerability I have seen in my decades-long career”, Jen Easterly, US Cybersecurity and Infrastructure Security Agency Director.

Log4j is a Java-based logging utility that is part of the Apache logging services. This is a popular logging tool used in tens of thousands of software packages. Google estimates that 8% of Maven Central Repository was …

WebStrike SAST tool from DefenseCode

Identifying Client-Side JavaScript Security Vulnerabilities in SAPUI5 Applications Using SAST

Thursday, March 25, 2021

1. JavaScript Client-Side Frameworks

These days you can find various popular JavaScript frameworks for creating interactive, eye-catching and responsive frontends and user interfaces for your applications. Some of the most popular JavaScript frontend frameworks include Angular, React and Vue.js. Security controls implemented in these frameworks can vary significantly from framework to framework. As frameworks mature, …

DefenseCode GitHub integration

DefenseCode announces GitHub Action to provide SAST solution for developers

Thursday, October 08, 2020

DefenseCode Group is proud to announce that DefenseCode’s Static Application Security Testing (SAST) ThunderScan® solution is now available as a GitHub Action, offering security vulnerability analysis across 30+ languages and providing detailed vulnerability reports integrated into GitHub. GitHub is a developer collaboration platform and home to more than 50 million users, 3 million organizations, and over 100 …