Hey! It’s been awhile since the last AppSec Travels blog. In this post we wanted to write about a vulnerability that is near and dear to our hearts: User Enumeration. In the world of application security, some vulnerabilities are loud and catastrophic, while others are subtle, acting as silent facilitators for more significant attacks. User…
In the aftermath of the polyfill supply-chain attack that reportedly compromised the security of some 100,000 applications across the Internet last week (arstechnica reports that over 384K sites are still pulling the package subsequently), our team at Redpoint realized quickly that it was a real-world case of feature within Redpoint’s Surveyor tool. That is, lead…
Code security by coders. Manual-led application security assessments, secure-code review, and developer-friendly tooling.