SourceClear
Security automation for open source code that gives you the confidence to ship secure software fast.
Latest Stories
After The Equifax Hack We Examined the Latest Apache Struts Code
In light of the recent news that the Equifax hack was a result of an old version of Apache Struts being exploited, we analyzed the latest…
Vanessa Henderson
Sep 27, 2017
Announcing PHP Language Support
Vanessa Henderson
The Equifax Hack: What all companies need to know and do to prevent it from happening to them
Vanessa Henderson
SGL: Mapping the open-source genome for fun and profit
Vanessa Henderson
Delving into the four recent RubyGems vulnerabilities
Vanessa Henderson
Exposing External XML Entity Attacks in Android IntelliJ Plugin
Vanessa Henderson
Diving into Directory Traversal Vulnerabilities in Open-Source
Vanessa Henderson
Research and Development
Delving into the four recent RubyGems vulnerabilities
A few days ago, a blog was released by RubyLang and RubyGems stating that they had fixed multiple vulnerabilities. The four vulnerabilities…
Vanessa Henderson
Sep 5, 2017
SGL: Mapping the open-source genome for fun and profit
For a long time we have known that the current state-of-the-art of vulnerability research in open-source code does not scale. That current…
Vanessa Henderson
Sep 13, 2017
Exposing External XML Entity Attacks in Android IntelliJ Plugin
IntelliJ is an IDE that a lot of developers know and love. Not only does it provide an intuitive UI but it also gives us plugins for all…
Vanessa Henderson
Aug 28, 2017
Diving into Directory Traversal Vulnerabilities in Open-Source
On August 8th, 2017 SAP released a set of security patches for its applications. Among the vulnerabilities that they fixed was a directory…
Vanessa Henderson
Aug 22, 2017
Open-source Packages with Malicious Intent
Why re-invent the wheel?
Vanessa Henderson
Aug 9, 2017
Un-patched for months, could Cisco 0-day lead to another round of WannaCry?
For the last few weeks, we all got our ears torn out by story after story of WannaCry this, WannaCry that. Not long ago, there was a…
Ming Yi
May 31, 2017
Continuous Verification: A new method to secure programs
Building secure software is the holy grail of computer science. On one end of the spectrum we have methods like formal verification that…
Asankhaya Sharma
Jun 12, 2017