Blog Archiv

Schwachstellen-Insights

Sequelize ORM npm library found vulnerable to SQL Injection attacks

11. September 2019

Open-Source-Sicherheit

Automating open source security scanning with Snyk and CircleCI

16. August 2019

Open-Source-Sicherheit

Staying ahead of security vulnerabilities with security patches

31. Juli 2019

Open-Source-Sicherheit

Fix open source vulnerabilities directly from your Eclipse IDE

25. Juli 2019

Open-Source-Sicherheit

How to increase Serverless observability, monitoring and security

15. Juli 2019

Schwachstellen-Insights

Concerns of supply-chain attacks amplify as remote code execution was found in Ruby gem strong_password

7. Juli 2019

Schwachstellen-Insights

Snyk research team discovers severe prototype pollution security vulnerabilities affecting all versions of lodash

5. Juli 2019

Open-Source-Sicherheit

Serverless is great, but what about the security of my AWS Lambda functions and their dependencies?

3. Juli 2019

DevSecOps

Best practices for secrets management in serverless applications

13. Juni 2019

Anwendungssicherheit

npm passes the 1 millionth package milestone! What can we learn?

4. Juni 2019

DevSecOps

10 Serverless security best practices

31. Mai 2019

Anwendungssicherheit

Scoring security vulnerabilities 101: Introducing CVSS for CVEs

16. Mai 2019

Schwachstellen-Insights

CRLF injection found in popular Python dependency, urllib3

15. Mai 2019

Schwachstellen-Insights

A Denial of Service vulnerability discovered in the Axios JavaScript package - affecting all versions of the popular HTTP client

6. Mai 2019

Open-Source-Sicherheit

How much do we really know about how packages behave on the npm registry?

22. April 2019

Schwachstellen-Insights

After three years of silence, a new jQuery prototype pollution vulnerability emerges once again

15. April 2019

Schwachstellen-Insights

Malicious remote code execution backdoor discovered in the popular bootstrap-sass Ruby gem

4. April 2019

Anwendungssicherheit

Introducing experimental integrity policies to Node.js

21. März 2019

Open-Source-Sicherheit

78% of vulnerabilities are found in indirect dependencies, making remediation complex

26. Februar 2019

Open-Source-Sicherheit

ReDoS vulnerabilities in npm spikes by 143% and XSS continues to grow

26. Februar 2019

Open-Source-Sicherheit

88% increase in application library vulnerabilities over two years

26. Februar 2019

Open-Source-Sicherheit

Open source maintainers want to be secure, but 70% lack skills

26. Februar 2019

Open-Source-Sicherheit

81% believe developers should own security, but they aren’t well-equipped

26. Februar 2019

Open-Source-Sicherheit

10 npm Security Best Practices

19. Februar 2019