
How Lattix handled the Log4j security vulnerability
“The log4j vulnerability is the most serious vulnerability I have seen in my decades-long career”, Jen Easterly, US Cybersecurity and Infrastructure Security Agency Director
Log4j is a Java-based logging utility that is part of the Apache logging services. It is a popular logging tool used in tens of thousands of software packages. Google estimates that 8% of Maven Central Repository was …

Identifying Client-Side JavaScript Security Vulnerabilities in SAPUI5 Applications Using SAST
1. JavaScript Client-Side Frameworks
These days you can find various popular JavaScript frameworks for creating interactive, eye-catching and responsive frontends and user interfaces for your applications. Some of the most popular JavaScript frontend frameworks include Angular, React, and Vue.js. Security controls implemented in these frameworks can vary significantly from framework to framework. As frameworks mature, …

DefenseCode announces GitHub Action to provide SAST solution for developers
DefenseCode Group is proud to announce that DefenseCode’s Static Application Security Testing (SAST) ThunderScan® solution is now available as a GitHub Action, offering security vulnerability analysis across 30+ languages and providing detailed vulnerability reports integrated into GitHub. GitHub is a developer collaboration platform and home to more than 50 million users, 3 million organizations, and over 100 …