Contrast Labs: Apache Struts CVE-2020-17530

On December 8, 2020, Apache published a security bulletin providing details for CVE-2020-17530, a forced double Object-Graph Navigation Language (OGNL) evaluation vulnerability in Apache Struts 2.0.0 to 2.5.25 that provides attackers arbitrary remote e…

Why Application Flow Maps Are the Coolest Feature in Application Security

Application flow maps are the cool feature you can use to discover that needle in a haystack—how does my running app work and what does my app connect to?

Coalfire PCI Compliance & Contrast Security

Contrast Assess and Protect recently went through an independent evaluation by Coalfire, a respected Payment Card Industry (PCI) and Payment Application (PA) Qualified Security Assessor Company (QSAC).