44 matches found
Rapid7 Named a Visionary in 2021 Gartner Magic Quadrant for Application Security Testing
Rapid7 is excited to share that we have been recognized as a Visionary in the 2021 Gartner Magic Quadrant for Application Security Testing AST We are so excited to share the news that Rapid7 has been recognized as a Visionary in the 2021 Gartner Magic Quadrant for Application Security Testing.Thi...
Creating coefficiency: DevOps, Security, and Compliance
Secure IaC Infrastructure-as-code IaC is a powerful partnership accelerator. As businesses and organizations scale into the cloud to realize its full production-enablement potential, security often struggles to keep up. The ultimate goal on the security horizon is, of course, to prevent risks and...
Prepare for more sophisticated security threats in 2021
As computing becomes more distributed to achieve greater optimization and efficiency, the threats posed by cyberattackers are destined to become increasingly more sophisticated. Here are some steps organizations should take in 2021 to mitigate such sophisticated security threats. Start with...
Stripo Inc: weak password poilicy in signup password leak to account takeover
Summary: add summary of the vulnerability i create account with weak password Steps To Reproduce: add details for how we can reproduce the issue 1.i create account with weak password qwerty123 2- account create done without validation 3- it should have protected users from attack and have policy...
RiskAssessmentFramework - Static Application Security Testing
The OWASP Risk Assessment Framework consist of Static application security testing and Risk Assessment tools, Eventhough there are many SAST tools available for testers, but the compatibility and the Environement setup process is complex. By using OWASP Risk Assessment Framework's Static...
Visit Wallarm at Google Cloud Next
April 9–11, San Francisco, CA We are excited to join the community of the GCP professionals and demonstrate Wallarm web and API protection solutions custom-built for Google Cloud-powered applications. A certified GCP-partner, Wallarm delivers AI-powered security solution built to help your busine...
Here Comes Wallarm
Today we are happy to announce the closing of $8 Million Series A financing. After talking with many venture firms in California, we decided to partner up with Toba Capital, a firm with an excellent understanding of the enterprise market and previous successful investments in security, such as...
A few words about Gartner’s “Magic Quadrant for Application Security Testing” 2018
February and March are the hot months for marketing reports. I already wrote about IDC and Forrester reports about Vulnerability Management-related markets. And this Monday, March 19, Gartner released new "Magic Quadrant for Application Security Testing". You can buy it on the official website fo...
WordPress Top-10 2.4.2 SQL Injection
DefenseCode ThunderScan SAST Advisory: WordPress Top-10 Plugin SQL Injection Security Vulnerability Advisory ID: DC-2017-12-003 Advisory Title: WordPress Top-10 Plugin SQL Injection Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Top-10 plugin...
WordPress Clean Up Optimizer 4.0.0 SQL Injection
DefenseCode ThunderScan SAST Advisory: WordPress Clean Up Optimizer Plugin Security Vulnerability Advisory ID: DC-2017-12-004 Advisory Title: WordPress Clean Up Optimizer Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Clean Up Optimizer...
WordPress Podlove Podcast Publisher 2.5.3 SQL Injection
DefenseCode ThunderScan SAST Advisory WordPress Podlove Podcast Publisher Plugin Security Vulnerability Advisory ID: DC-2017-05-006 Advisory Title: WordPress Podlove Podcast Publisher Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Podlove...
WordPress Plugin Easy Modal 2.0.17 - SQL Injection
WordPress Plugin Easy Modal 2.0.17 - SQL Injection DefenseCode ThunderScan SAST Advisory WordPress Easy Modal Plugin Multiple Security Vulnerabilities Advisory ID: DC-2017-01-007 Advisory Title: WordPress Easy Modal Plugin Multiple Vulnerabilities Advisory URL:...
WordPress PressForward 4.3.0 Cross Site Scripting
DefenseCode ThunderScan SAST Advisory WordPress PressForward Plugin Security Vulnerability Advisory ID: DC-2017-05-007 Advisory Title: WordPress PressForward Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress PressForward plugin Language: PHP...
Introducing InsightAppSec: Cloud-powered Application Security Testing
Rapid7 announces today the launch of InsightAppSec, the newest product to be delivered on the Insight platform. InsightAppSec combines the power and accuracy of Rapid7s industry-leading and proven Dynamic Application Security Testing DAST engine with the quick deployment, scalability, and...
WordPress No External Links 3.5.17 Cross Site Scripting
DefenseCode ThunderScan SAST Advisory WordPress No External Links Plugin Security Vulnerability Advisory ID: DC-2017-01-022 Advisory Title: WordPress No External Links Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress No External Links Plugi...
WordPress Plugin Huge-IT Video Gallery 2.0.4 - SQL Injection
WordPress Plugin Huge-IT Video Gallery 2.0.4 - SQL Injection DefenseCode ThunderScan SAST Advisory WordPress Huge-IT Video Gallery Plugin Security Vulnerability Advisory ID: DC-2017-01-009 Advisory Title: WordPress Huge-IT Video Gallery plugin SQL injection vulnerability Advisory URL:...
WordPress AffiliateWP 2.0.8 Cross Site Scripting
DefenseCode ThunderScan SAST Advisory WordPress AffiliateWP Plugin Security Vulnerability Advisory ID: DC-2017-05-05 Advisory Title: WordPress AffiliateWP Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress AffiliateWP Plugin Language: PHP...
WordPress All In One Schema.org Rich Snippets 1.4.1 XSS
DefenseCode ThunderScan SAST Advisory WordPress All In One Schema.org Rich Snippets Plugin Security Vulnerability Advisory ID: DC-2017-01-002 Advisory Title: WordPress All In One Schema.org Rich Snippets Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Softwar...
PT-2014-65: Multiple Cross-Site Scripting in InstantCMS
The specialists of the Positive Research center have detected multiple Cross-Site Scripting vulnerabilities in InstantCMS. Cross-site scripting in the spellchecker.php file allows remote attackers to inject arbitrary HTML tags including JavaScript scripts, etc. to a page processed by user's...
PT-2014-79: Cross-Site Scripting in ShopOS
The specialists of the Positive Research center have detected a Cross-Site Scripting vulnerability in ShopOS. Cross-site scripting in the market.php script allows remote attackers to inject arbitrary HTML tags including JavaScript scripts, etc. to a page processed by user's browser. How to fix No...