The Food and Drug Administration (FDA) recently issued new requirements mandating that medical devices be secured against cyberattacks. This move comes after a long-standing concern about the potential for these devices to be hacked and used to harm patients. This new requirement is a significant step towards securing medical devices, which have been increasingly […]
READ MOREThe source code of Twitter was recently (maybe?) leaked on GitHub, a popular code repository platform. The code repository was quickly taken down, but not before it had been downloaded by hundreds of users. The leak has drawn attention from security experts regarding the implications for the social media platform and raised concerns over the […]
In a recent thread on a discussion forum, a group of developers discussed time lost on bug chasing. One developer lamented that he lost 5 days; another 5 years between the time it was discovered and the time it was finally resolved. Still another developer estimated that in an organization of 400 engineers, […]
As we embark on this new chapter in application security, it’s important to understand how AI and machine learning can provide greater understanding and insight into vulnerabilities than older methods of detection. In this article we will cover the following: The risk of using vulnerable dependencies (directly or transitively) Not all vulnerabilities pose risk. Why not? […]
AI Findings Qwiet AI has introduced a new finding category within the preZero application. In addition to the standard fields at the top of the screen, a new category labeled “AI Findings” will now be visible. This is the first iteration of the AI/ML detection engine within the preZero platform, which will have a tremendous […]
On March 21, the Biden administration directed US companies to “harden your cyber defenses immediately.” With these new federal guidelines for application security, the White House urged software developers to deploy “modern tools that can detect known and potential vulnerabilities” in their custom and open-source software (OSS). Learn more about how ShiftLeft can help.
The threat landscape is evolving quickly. Application security is working to keep pace with the ever-evolving threat landscape. As the application development process becomes more incremental, with developers embracing frameworks such as Agile and DevSecOps, it is becoming more important for developers to pay attention to application security trends, know what they can do better […]
Securing applications is not the easiest thing to do. An application has many components: server-side logic, client-side logic, data storage, data transportation, API, and more. With all these components to secure, building a secure application can seem really daunting. Thankfully, most real-life vulnerabilities share the same root causes. And by studying these common vulnerability types, […]
Open Source Software (OSS) is at the core of today’s information technology. About 80% of companies run their operations on OSS and 96% of applications are built using open source components. Most of today’s commercial products are shipped with some OSS libraries. This also means that securing open source dependencies and fixing open source vulnerabilities […]
When learning how to find, exploit, or prevent different types of security vulnerabilities, you’ll want to understand the vulnerability’s root causes and what happens to an application when it’s exploited. Today, we’ll talk about remote code execution (RCE), it’s mechanisms, and how you can spot it in source code. Remote code execution and command injection […]
Securing applications is not the easiest thing to do. An application has many components: server-side logic, client-side logic, data storage, data transportation, API, and more. With all these components to secure, building a secure application can seem really daunting. Thankfully, most real-life vulnerabilities share the same root causes. And by studying these common vulnerability types […]
On March 21, the Biden administration directed US companies to “harden your cyber defenses immediately.” With these new federal guidelines for application security, the White House urged software developers to deploy “modern tools that can detect known and potential vulnerabilities” in their custom and open-source software (OSS). Learn more about how ShiftLeft can help.
© 2023 Qwiet. All rights reserved.