Application Security This Week for August 26

Big, big news out of Portswigger this week.  I'm a huge fan of OWASP ZAP, and use it daily, but this is a major uptick in web analysis tools.

A new API for Burp Suite (something ZAP has had for years)

The introduction of 2.0

And finally the introduction of Enterprise Edition, which effectively adds scalibility

Really solid week of announcements.


In other news, AppSec consulting hits it out of the park again with advice on securing third-party JavaScript.


A major flaw was found in GhostScript.  If you are parsing document formats like PDF or XPS, get your patch on!


Another Struts RCE vulnerability.  "I'm shocked!" said nobody, ever.


Bitdefender published a whitepaper on the next phase of Android malware, and it is worth a read.


And that's the news!

Comments are closed