Checkmarx Blog

What’s HOT in Application Security Vol #3

Let’s understand the web application security dilemma! Organizations within the financial services industry track an average of 800 attacks, while organizations outside the financial services industry track an average of 500 attacks, so it is no wonder that understanding application security is so vital. It’s said that the security challenge is due to the fact that most of

What’s HOT in Application Security Vol #1

Hackers in China accused of a long-term breach of Nortel. For almost ten years, Chinese hackers had complete access to the internal network of Nortel Networks, Ltd. Nortel was previously considered to be a telecommunications powerhouse but has been struggling financially in recent years. The hackers stole several passwords from top Nortel executives

LDAP Injection

LDAP Injection (CWE: 90) is an attack allowing the attacker to modify LDAP queries. Recently, I encountered a nice LDAP Injection – and I started asking myself why do we hear so little about such vulnerabilities? I would expect the opposite.

Path Manipulation, Directory Traversal, and interesting JAVA code

Directory Traversal Attacks. Directory Traversal (CWE: 22) is usually considered a subset of Path Manipulation (CWE: 73). Directory Traversal attacks, also referred to as Path Traversal attacks, manipulate variables with ‘../’ sequences (dot-dot-slash is another name this attack sometimes goes by) in an attempt to access directories and files stored on a system. Path Directory

