Skip to main content

Application Security

Learn how to prevent vulnerabilities in your applications. We cover current practices in application security, cloud security, API testing, and more.

HackerOne Blog
Application Security, Vulnerability Management

Security Highlights: New CWE Rankings, Software Supply Chains, and Side-Channel Attacks

MITRE Releases 2022 CWE Top 25

The popular CWE Top 25 list, which ranks the most dangerous software vulnerabilities, has been updated for 2022. The...

HackerOne Blog
Application Security, Vulnerability Management

Security Highlights: New CWE Rankings, Software Supply Chains, and Side-Channel Attacks

MITRE Releases 2022 CWE Top 25 The popular CWE Top 25 list, which ranks the most dangerous software...
DevSecOps Pipeline
Application Security

5 Security Stages of the DevSecOps Pipeline

DevSecOps builds on modern DevOps practices by incorporating security processes and automation into the...

DevOps DevSecOps
Application Security

DevSecOps vs DevOps: What is the Difference?

DevSecOps can dramatically reduce cyber risk for organizations—particularly those that rely on internal...

Overlooked Server Permissions
Application Security

The Most Overlooked Server Permission Checks

We previously looked at common server authentication issues we see in code review and offered tips to avoid...
What is Confluence CVE-2022-26134 and How Do I Fix It
Application Security

Severe Confluence Vulnerability is an Active Threat (CVE-2022-26134)

Background The vulnerability allows unauthenticated remote code execution (RCE). Exploitation occurs by...
pullrequest5ways
Application Security

5 Ways I Provide Value as a PullRequest Reviewer When I Start Reviewing a New Project

Important reviewer traits for providing a great code review include prior knowledge and experience, expertise...

HackerOne announces PullRequest acquisition
Company News, Application Security

Why HackerOne Acquired Pull Request and What It Means to Our Customers

Security vulnerabilities are a significant workflow disruption when discovered near the end of development...
How Wix Uses HackerOne to Improve Their Cybersecurity Posture
Customer Stories, Application Security, Best Practices, Bounty, Vulnerability Management

How Wix Improves Their Security Posture with Ethical Hackers

Reducing risk is fundamental to Wix’s approach to cybersecurity, and as the threat landscape evolves, they...