InfoQ·3yGoogle Releases Open-Source Vulnerability Scanning Tool
Google releases OSV-Scanner, an open-source front-end interface to the Open Source Vulnerability (OSV) database. Vulnerabilities are reported either in tabular format or, optionally, in the JSON-based OSV format. The format is designed to enforce version specification that aligns with the naming and schemes.
The Hacker News·3yTop 5 Web App Vulnerabilities and How to Find Them
Web application attacks are involved in 26% of all breaches, and app security is a concern for enterprises. The size of a startup does not exempt it from cyber-attacks – that's because hackers constantly scan the internet looking for flaws. It takes many years to build a reputation as a startup – and this can be ruined overnight with a single flaw.
GitHub Blog·3yEverything new from GitHub Universe 2022
GitHub Copilot is an AI pair programmer that uses OpenAI Codex to suggest code and entire functions in real time. Code search has a powerful new interface that allows developers to construct queries with suggestions, offers completions, and provides the ability to slice and dice results.
Snyk·3y5 “no experience needed” tips for building secure applications
Developers don't need to be security experts to build secure apps — they just need the right tools. Snyk is a security tool created specifically for developers. Use static code analysis to find and fix security vulnerabilities in the code you write and the dependencies you use.
System Weakness·4yCross-Site Scripting (XSS) Attacks
Cross-Site Scripting (XSS) is a common security vulnerability that is more prevalent in web applications. It’s estimated that more than 60% of web applications are susceptible to XSS attacks. As a result, the dangerous code will be presented to the victim anytime they perform a desired action on the corrupted web page. The persistent cross-site scripting attack takes place just like the non-persistent attack.
