Learnings from WordPress Security Month

15 Jan 2019 by Simon Scannell

Advent

Last year in December we released once a day a vulnerability affecting WordPress core or one of the most popular WordPress plugins, next to a critical persistent XSS in wordpress.org. This blogpost will summarize common mistakes developers make and the overall impact our advent calendar had on the WordPress community and the current state of WordPress security.

Read More

RIPS 3.0 Supports Java Security Analysis

7 Jan 2019 by Martin Bednorz

RIPS 3.0 user interface

We are excited to start the year 2019 with a new major release and milestone. RIPS 3.0 adds support for analyzing Java code for security and quality issues. Find out more about our unique code analysis approach and other new RIPS features.

Read More

New PHP Exploitation Technique Added

14 Aug 2018 by Dr. Johannes Dahse

PHP Exploitation Technique

Last week a new exploitation technique for PHP applications was announced at the BlackHat USA conference. Find out everything you need to know in this blog post.

Read More

Scan, Verify and Patch in Minutes: TikiWiki 17.1 SQLi

19 Jul 2018 by Karim El Ouerghemmi
Tikiwiki SQLi

TikiWiki is an open source software that offers a wiki-style based content management system. It has more than 1.25 million downloads and a large code base of around 1.7 million lines of code. In this blog post, we demonstrate step by step how we used our leading RIPS Code Analysis solution to detect and verify a SQL injection vulnerability in minutes.

Read More

PHP Code Quality Testing with RIPS 2.9.0

17 Apr 2018 by Martin Bednorz

New Look and Feel

One year ago we released version 2.0.0 of our superior PHP security analysis solution RIPS. Since then, monthly update releases for our user interface, REST API, and static analysis engine pushed our product, altogether with many new integration plugins and supported industry standards. Today, our user interface enables a highly modern and performant audit experience and our awarded code analysis engine detects unknown bugs in real applications as precise and complete as possible. To further aid developers on their mission to secure PHP code, we are excited to announce the support of the detection of over 30 new types of code quality bugs with RIPS!

Read More