Application Security

Learn how to prevent vulnerabilities in your applications. We cover current practices in application security, cloud security, API testing, and more.

Application Security, Penetration Testing, Vulnerability Management

Introducing Unified HackerOne Scope Management with Burp Suite Support

This post will start with the basics of defining scope and how ethical hackers and testers use it in their testing workflow. If you’re already...

Application Security, Vulnerability Management

Security Highlights: New CWE Rankings, Software Supply Chains, and Side-Channel Attacks

MITRE Releases 2022 CWE Top 25: The popular CWE Top 25 list, which ranks the most dangerous software...

Application Security

5 Security Stages of the DevSecOps Pipeline

DevSecOps builds on modern DevOps practices by incorporating security processes and automation into the...

Application Security

The Most Overlooked Server Permission Checks

We previously looked at common server authentication issues we see in code review and offered tips to avoid...
Application Security

DevSecOps vs DevOps: What is the Difference?

DevSecOps can dramatically reduce cyber risk for organizations—particularly those that rely on internal...

Application Security

Severe Confluence Vulnerability is an Active Threat (CVE-2022-26134)

Background: The vulnerability allows unauthenticated remote code execution (RCE). Exploitation occurs by...

Application Security

5 Ways I Provide Value as a PullRequest Reviewer When I Start Reviewing a New Project

Important reviewer traits for providing a great code review include prior knowledge and experience, expertise...

Company News, Application Security

Why HackerOne Acquired Pull Request and What It Means to Our Customers

Security vulnerabilities are a significant workflow disruption when discovered near the end of development...