5 Best Practices for your SAST Evaluation

26 Feb 2019 by Dr. Johannes Dahse

Static Application Security Testing Evaluation

Choosing the right solution for automated security testing is hard. A good way is to run a proof of concept (POC) of different vendors so you can verify marketing claims before adding another software to your stack. Our best practices can help to prepare an efficient and thorough evaluation so you can unmask snake oil from cutting-edge technology and make the best choice.

Read More

PHP Security Advent Calendar 2018 Announcement

27 Nov 2018 by Dr. Johannes Dahse
PHP Security Advent Calendar

The holiday season is coming up again and it’s time for some security fun. For the third time in a row, we are proud to announce our PHP security advent calendar. This year, we will analyze 24 exciting security bugs that we detected in the most widespread WordPress plugins.

Read More

New PHP Exploitation Technique Added

14 Aug 2018 by Dr. Johannes Dahse

PHP Exploitation Technique

Last week a new exploitation technique for PHP applications was announced at the BlackHat USA conference. Find out everything you need to know in this blog post.

Read More

Comparison of Application Security Testing Approaches

31 Jul 2018 by Dr. Johannes Dahse

Zend Server Integration

Web applications can be tested manually or automated, as a blackbox or a whitebox, with static or dynamic analysis. In this post we compare the advantages and disadvantages of a variety of approaches and solutions.

Read More

Ensure Application Security with Zend Server and RIPS

27 Mar 2018 by Dr. Johannes Dahse

Zend Server Integration

Zend Server is the ultimate and most secure software platform for deploying, monitoring, debugging, maintaining, and optimizing enterprise PHP applications. It also helps to keep the technology stack up-to-date and to avoid security risks that stem from outdated components. However, most of the daily web attacks try to exploit security bugs in the applications’ source code. Popular vulnerability types such as SQL injection and cross-site scripting can enable attackers to steal sensitive user data from the server. The attack surface is further increased by a variety of PHP-specific security pitfalls. A single successful breach puts a company’s reputation and compliance at danger.

Read More