sql injection

sql injection news search results

Developer news items we found relating to sql injection

15 results
Oxeye-discovers-vulnerability-in-HashiCorp-Vault-Project

Oxeye discovers vulnerability in HashiCorp Vault Project


Tuesday, April 25, 2023 by

Oxeye announced the discovery of a new vulnerability in the HashiCorp Vault Project that has now been patched. HashiCorp Vault is a popular identity-based secret and encryption management system used to control access to API encryption keys, passwords, and certificates. The vulnerability was automatically discovered and reported by the Oxeye Platform during a deployment...


Open-Bug-Bounty-has-fixed-1-million-vulnerabilities

Open Bug Bounty has fixed 1 million vulnerabilities


Monday, November 7, 2022 by

Open Bug Bounty is an open, disintermediated, cost-free, and community-driven Bug Bounty platform for coordinated, responsible, and ISO 29147 compatible vulnerability disclosure. It passed the milestone on 27 October of fixing over 1,000,000 web security vulnerabilities. The Open Bug Bounty project enables website owners to receive advice and support from&n...


Tips-for-securing-container-deployments

Tips for securing container deployments


Friday, September 1, 2017 by

Container deployments are still susceptible to the regular threats that other types of deployments are - including DDoS and cross-site scripting attacks. In fact, hackers often take advantage of compromised containers to scan sensitive data, download malware, or privilegeunauthorized access to any of your containers, hosts or data centers.Fei Huang is the CEO of NeuVect...


Cloud-native-app-firewall-Twistlock-2.1-launches

Cloud native app firewall Twistlock 2.1 launches


Monday, July 17, 2017 by

Twistlock, a provider of cloud container security solutions, has announced the availability of Twistlock 2.1. The latest release of their flagship product includes a first of its kind cloud native app firewall, vulnerability risk ranking that uses knowledge of an enterprise’s unique environment to prioritize what to fix first, a brand new dashboard and integrated secret...


Improve-mobile-app-security-by-turning-it-into-code

Improve mobile app security by turning it into code


Monday, May 8, 2017 by

Why is application security such a pain? One of the hard problems with application security is that there are a zillion different ways that things can go wrong. Far more than any one person can be expert in. It's unfair to think that a software developer, who is already supposed to be expert in all the latest software languages, frameworks and best practices, should als...


The-hottest-skills-needed-in-the-freelance-job-market-to-get-hired

The hottest skills needed in the freelance job market to get hired


Thursday, May 4, 2017 by

Upwork has released its newest quarterly index of the hottest skills in the U.S. freelance job market. The Upwork Skills Index ranks the site’s 20 fastest-growing skills and is part of a quarterly series that sheds light on new and emerging skills freelancers are providing. According to a recent report, nearly half (49%) of hiring managers use freelancers to access skil...


How-NGINX-could-overpower-Microsoft-soon

How NGINX could overpower Microsoft soon


Thursday, April 13, 2017 by

In 2016, NGINX experienced their largest gains as a web server vendor, having increased by 4.8 million active sites and 2.85 percentage points. Netcraft believes that if these trends continue in 2017, NGINX could possibly overtake Microsoft as the second largest vendor in the second half of the year.In a recent conversation with Faisal Memon, Product Marketing at NGINX,...


Checkmarx-opens-beta-support-for-Scala-programming-language

Checkmarx opens beta support for Scala programming language


Wednesday, February 1, 2017 by

Checkmarx, an application security testing company, has announced open beta support of the Scala programming language. The new capability adds the ability to analyze and remediate security risks and vulnerabilities exposed in projects written using Scala code.The added capability not only allows the detection of vulnerabilities within Scala code, but also the ability to...


Security-First:-5-tips-for-building-a-secure-mobile-app-from-the-ground-up

Security First: 5 tips for building a secure mobile app from the ground up


Wednesday, October 5, 2016 by

With more than two billion smartphone users worldwide, the app market has exploded — along with risks. Mobile app developers are still struggling to make security a priority and by 2017, cyber-attacks via vulnerable apps are anticipated to account for 75% of all mobile security breaches. Given what's at stake, it's critical that developers build apps that are &ldq...


Swift-Programmers-Using-Checkmarx-Can-Now-Detect-Security-and-Code-Flaws

Swift Programmers Using Checkmarx Can Now Detect Security and Code Flaws


Wednesday, September 7, 2016 by

Since launching publicly at Apple’s WWDC in 2014, Swift has soared in popularity amongst programmers and has caught the attention of other major technology players in the process. Google is now even considering implementing Swift as a “first class” language for Android. Facebook and Uber are exploring ways to make Swift more central to their operations, while IBM, ...


ERPScan-Releases-New-SaaS-Security-Platform-for-SAP-Environments

ERPScan Releases New SaaS Security Platform for SAP Environments


Tuesday, July 26, 2016 by

ERPScan has released a new SaaS solution to protect SAP environments from customization issues. The new solution combines the ERPScan Security Monitoring Suite engine and new technologies developed ERPScan. ERPScan's SAP Code Security SaaS provides the ability to upload a program code from their SAP Systems into ERPScan's cloud platform. Users receive a list of ide...


86-Percent-of-PHP-Based-Applications-Contain-at-Least-One-CrossSite-Scripting-Vulnerability

86 Percent of PHP Based Applications Contain at Least One CrossSite Scripting Vulnerability


Tuesday, December 8, 2015 by

Veracode is reporting that its analytics show 86 percent of PHP-based applications contain at least one Cross-Site Scripting (XSS) vulnerability and 56 percent have at least one SQL injection (SQLi) when initially assessed by Veracode. The analysis is part of a supplement to Veracode’s “2015 State of Software Security: Focus on Application Development”, which is a repor...


Contrast-Security-Release-New-Enterprise-Application-Security-Platform

Contrast Security Release New Enterprise Application Security Platform


Tuesday, June 9, 2015 by

Contrast Security has release Contrast Enterprise, a new application security product to integrate defenses across development and operations, offering vulnerability assessment, security visibility and attack protection throughout the application lifecycle. Contrast Enterprise offers Runtime Application Self-Protection (RASP), which provides deep security instrumen...


-Checkmarx-Releases-New-CxRASP-Platform-Offering-Runtime-Application-Self-Protection

Checkmarx Releases New CxRASP Platform Offering Runtime Application Self Protection


Friday, February 6, 2015 by

Checkmarx has announced the launch of its Runtime Application Self-Protection (RASP) solution, CxRASP, which utilizes two-point instrumentation technology to continuously observe an app’s bidirectional data flow, enabling the detection and defense against real-time attacks.CxRASP is the latest addition to the Checkmarx Application Security Hub which provides solutions f...


HP-Launches-Cloud-Managed-Application-Self-Protection-Service

HP Launches Cloud Managed Application Self Protection Service


Friday, September 12, 2014 by

HP has introduced HP Application Defender, a cloud-managed application self-protection service that provides immediate visibility and actively defends production applications against attacks.As HP said in the recent announcement, “As the number and complexity of enterprise applications grows, the attack surface for exploits increases exponentially, leaving enterpri...