Security Archives - Sqreen Blog

7 minute read
No comments

Preventing SQL injections in Java (and other vulnerabilities)

Carlos Schults
January 21, 2021

One of the most common types of attack an application can suffer is what we call SQL injections. Since SQL injection attacks are both common and potentially devastating, it’s essential…

View Post

Security

7 minute read
No comments

The different types of cross-site scripting (XSS)

Omkar Hiremath
January 19, 2021

Cross-site scripting (XSS) is one of the most dangerous vulnerabilities in web applications. It is a client-side script injection technique that attackers can use to steal information or send malicious…

View Post

Security

5 minute read
No comments

How RASPs and WAFs can work together

Émile-Hugo
January 12, 2021

When it comes to security tooling, it can be difficult to tell different acronyms and the approaches they represent apart. In the case of application security for production applications, there…

View Post

Security

7 minute read
No comments

Remote code execution (RCE), explained: what it is and how to prevent it

Tsviatko Yovtchev
January 7, 2021

Remote code execution (RCE) is a class of software security flaws/vulnerabilities. RCE vulnerabilities will allow a malicious actor to execute any code of their choice on a remote machine over…

View Post

5 minute read
No comments

Application security for GraphQL: how is it different?

Vladimir
December 21, 2020

GraphQL is one of the hottest topics in the API world right now. It provides an abstraction layer over more traditional HTTP communications, and has changed the way we build…

View Post

Security

6 minute read
No comments

Serverless security: how do you protect what you aren’t able to see?

Jb
December 17, 2020

Serverless security is a fascinating topic. As more organizations move to distributed architectures and new ways of running their services, new security considerations arise. I spoke about this topic at…

View Post

Security

7 minute read
No comments

SQL injection, explained: what it is and how to prevent it

Carlos Schults
December 15, 2020

A SQL injection is a security attack that is as dangerous as it is ingenious. By abusing the data input mechanisms of an application, an attacker can manipulate the generated…

View Post

4 minute read
No comments

How to use frameworks to implement your Security Paved Road

Jb
December 10, 2020

I recently sat down with Sr. Research Lead at Synopsys and framework specialist, Ksenia Peguero, on Episode 2 of the AppSec Builders Podcast. In the episode, “Framework Security with Ksenia…

View Post

Security

6 minute read
No comments

Scaling security in a high growth company: our journey at Sqreen

Jb
December 8, 2020

Five years after founding Sqreen, many things have tremendously changed. One of them is our approach to security. It’s often said that security is a journey without end. That it’s…

View Post

6 minute read
No comments

Learnings from Sqreen’s State of App Sec Report: 70% of Ruby on Rails exploits were SQLi

Carlos Schults
December 1, 2020

Saying that digital security is “important” would be the understatement of the century. It’s probably the most crucial aspect of any application nowadays. Unfortunately, security is easy to get wrong,…

View Post