Vanessa Henderson in SourceClear
After The Equifax Hack We Examined the Latest Apache Struts Code
In light of the recent news that the Equifax hack was a result of an old version of Apache Struts being exploited, we analyzed the latest…
Sep 27, 2017

Vanessa Henderson in SourceClear
Announcing PHP Language Support
We are proud to announce that we are adding language support for PHP. You can now scan your PHP projects and identify vulnerable libraries…
Sep 25, 2017

Vanessa Henderson in SourceClear
The Equifax Hack: What all companies need to know and do to prevent it from happening to them
The Facts — On September 7th Equifax announced that hackers breached their systems. According to their information site the breach occurred…
Sep 18, 2017

Vanessa Henderson in SourceClear
SGL: Mapping the open-source genome for fun and profit
For a long time we have known that the current state-of-the-art of vulnerability research in open-source code does not scale. That current…
Sep 13, 2017

Vanessa Henderson in SourceClear
Delving into the four recent RubyGems vulnerabilities
A few days ago, a blog was released by RubyLang and RubyGems stating that they had fixed multiple vulnerabilities. The four vulnerabilities…
Sep 5, 2017

Vanessa Henderson in SourceClear
Exposing External XML Entity Attacks in Android IntelliJ Plugin
IntelliJ is an IDE that a lot of developers know and love. Not only does it provide an intuitive UI but it also gives us plugins for all…
Aug 28, 2017

Vanessa Henderson in SourceClear
Diving into Directory Traversal Vulnerabilities in Open-Source
On August 8th, 2017 SAP released a set of security patches for its applications. Among the vulnerabilities that they fixed was a directory…
Aug 22, 2017

Vanessa Henderson in SourceClear
Open-source Packages with Malicious Intent
Why re-invent the wheel?
Aug 9, 2017