INNOVATION: A clean way to secure applications through the development cycle, resulting in fewer vulnerabilities and far fewer false positives during the vulnerability testing cycle by focusing on data flows within the application under development. GREATEST STRENGTH: Solid understanding of the application development process and where vulnerabilities might enter it. See the full […]
Seeker from Quotium takes a somewhat different approach to application security from most similar products. First, it does code analysis, but not just static code analysis. It injects an agent onto the server. The agent connects to the process and reports the results of any requests sent to the process. They look at data, not just code. If I am an attacker, I am after your data. So Seeker looks closely at how the processes in the application respond to attempted interactions with data.
Dynamic Application Security Testing (DAST) solutions test applications from the “outside in” to detect security vulnerabilities. In contrast, Static Application Security Testing (SAST) solutions test applications from the “inside out” by looking at source code, byte code or binaries. Both approaches have their pros and cons and, until recently, the market for these tools has […]
Do SQL injections turn you on? How about double SQL injections? If the answer is ‘yes’, then 1) Good luck with your dating life 2) Boy are you in some luck! A new breed of security product called Seeker produces some vivid hacker pr0n in the form of a video (see above) of how […]