Number 3 on the OWASP Top 10 2017 list is Sensitive Data Exposure. The first question to ask is whether your organization even has sensitive data that needs protection against exposure. The quick answer is that, in today’s digital world, most organizations wi...
Security misconfigurations are “holes” or weaknesses within your computer applications that leave your system vulnerable to attack. These misconfigurations allow easy exploitation from threat agents from both inside and outside of your company. The good news ...
How to Resolve and Prevent XSS Cross-site scripting (XSS) occurs when an attacker injects malicious script, like JavaScript, into your web browser which compromises an infected web site. When the user inputs data into the visited web site, the malicious code ...
OWASP Top 10 2017 – A2 Broken Authentication Authentication and session management includes verifying user credentials and managing their active sessions. Broken authentication and session management occurs when credentials cannot be authenticated and session...
Are you at risk of an injection attack? These types of attacks are common, primarily because they affect ubiquitous SQL databases. If a user — internal or external — supplies information through a form, you may be at risk. Insufficient input validation may al...
Pentesting is also called penetration testing or ethical hacking. A penetration test is designed to answer the question: “How effective is my current security against a skilled human attacker?” In this article, we’ll go over what it is, why it’s important to ...
Kiuwan’s latest release now includes coverage for Python. Python was conceived in the late 1980s, and its implementation began in December 1989 by Guido van Rossum. Van Rossum is Python’s principal author, and his continuing central role in deciding the direc...
DIY: Generate OWASP Benchmark Results for Kiuwan Code Security The OWASP Benchmark for Security Automation (OWASP benchmark) is a free and open test suite designed to evaluate the speed, coverage, and accuracy of automated software vulnerability detection too...
Reusing code is something normal in software development, but this practice makes the code less maintainable over time and it can introduce defects. As we write an application, very similar or identical code fragments begin to appear. These fragments are know...
Après l’Espagne, les USA et le Chili, Optimyth annonce l’ouverture de son quatrième bureau en France, afin d’ accompagner ses clients francophones. Kiuwan est une solution collaborative dans le Cloud, qui fournit une analyse complète du code de votre logiciel...
Thursday, September 10, 2015 7:00 am PST (4:00 PM Central Europe) Join us to discuss the merits of static analysis and how you can leverage Kiuwan (powered by Kiuwan Software) with Dimensions CM to shift –left, and elevate your code quality to the next level....
Veracode, recognized as “Leader” in the Gartner Magic Quadrant for Application Security, now supports COBOL and RPG with technology from Optimyth Software -Kiuwan creators-. In their own words: “As a further step in extending the capabilities of its platform,...
