If you are like me, legal compliance is one of those things that really make you cringe and sigh in discontent. However, as we all know, legal compliance is there for a reason. Generally speaking, many legal requirements are easy to comply with as long as you have the right tools, and most of them are beneficial to you, your business, and your customers in the long run.
This blog post describes our partnership with the OLX Group that enabled them to use Probely’s API-driven security scanner to secure their customer data and facilitate creativity. Probely integrated quickly with their in-house solution, Dalek, and provided evidence of vulnerabilities with no false positives.
A lot has already been covered in the interwebs regarding CVE-2021-44228 and the newer CVE-2021-45046. In case you’re just arriving from the Maldives and just heard about the log4j RCE, check this out.
Recently, we created a Web Application Security Checklist for developers. Why? Well, because we want to help developers avoid introducing vulnerabilities in the first place. And for that, the security development process should start with training and creating awareness. Searching for vulnerabilities with a web scanner is essential, but we should always try to make security shift left, i.e. place it at the beginning of the development lifecycle. It is an investment: instead of being reactive, invest in prevention.