Blog (DACH)

OWASP Top 10 2021 is out - what's new and changed

24.Sep.2021

Simon Roe, Product Manager Outpost24

It doesn’t seem that long ago that I wrote about the OWASP Top 10 changes that came in 2017. OWASP has announced the release for the new 2021 Top 10. Find out more about Broken Access Control and Cryptographic Failure vulnerabilities and understand what it means for application development and DevSecOps

Mapping the Attack Surface for Insurance Applications

02.Aug..2021

Stephane Konarkowski & Nicolas Renard, Presales Managers at Outpost24

As insurance organizations look to attract and engage customers, the growing use of web applications has increased their cyber exposure and the risks of cyberattacks. In this benchmark study, we analyzed the attack surface of the top 10 insurers in Europe to highlight the common attack vectors and security weaknesses that could be exploited – from page creation method to vulnerable components – and our top tips for reducing web application security risks.

Debunking the web application attack surface for Credit Unions

14.Apr..2021

Nicolas Renard and Stephane Konarkowski, Security Consultant Outpost24

Financial services are big targets for cybercrime. As the world shifts from physical to online, credit unions are doubling down on web applications to improve access and ensure vital financial services for their members. But with that comes greater security risks. In this benchmark study, we analyze the Top US Credit Unions with our attack surface analysis tool to highlight security weaknesses they should watch out for.

SAST, DAST, SCA: What’s best for application security testing?

30.März.2021

Simon Roe, Application Security Product Manager Outpost24

With a 43% rise in data breaches tied to web application vulnerabilities according to Verizon, enterprise security teams are looking more closely at how security controls can be integrated to DevOps without impacting productivity. But with so many automated security testing tools (SAST, DAST, SCA) on the market, it’s important to understand the difference and when to use them to ensure robust Application Security.

How Outpost24 Secures the SDLC

13.Juli.2020

Eren Cihangir, Sales Engineer at Outpost24

At Outpost24, we’re committed to providing information security testing solutions to not only fit seamlessly into the SDLC, but also to enhance our customers’ experiences in implementing and maintaining their best practices to ensure their SDLC leads to a strong security posture and comprehensive resiliency around their full stack.

Website Security: Magecart and credit card skimming

14.Jan..2020

Simon Roe

Online payment skimming operations run by Magecart criminals continue to intensify and develop, reportedly compromising more than 2 million websites with the most infamous attack involving the breach of British Airways in 2018. Where credit card data of nearly 400,000 BA customers were compromised and resulted in a hefty fine of $230million and the moment the world stood up to take note of this new and dominant threat.

TOP 10 of the world's largest cyberattacks, and how to prevent them

03.Dez..2018

Outpost24

Looking back over the years and what we see happening now is the same attack vectors being used that have led to breaches. Web applications and the human element of security remain the cornerstones when it comes to protecting your organization against any weak spots. Your organization’s ever-expanding digital footprint and supply chains are also factors adding to this risk, which cyber criminals are aware of and willing to exploit.

How to identify Cross-Site Scripting (XSS) vulnerabilities?

09.Apr..2018

Outpost24

Cross Site Scripting, or XSS, is one of the most common types of vulnerabilities in web applications. Discover how to avoid Cross-Site Scripting based attacks.

What to expect from a web application penetration test

09.Febr..2018

Fernando Gallego, IT Security at Outpost24

In the digital age, web application penetration testing is one of the most critical elements of an organization’s vulnerability management program. In this blog post we will explain the role of penetration testing plays in protecting your organization against web-related exploitations

BMC Remedy vulnerabilities identified

19.Okt..2017

Simon Rawet and Kristian Varnai

Security researchers from the Outpost24 SWAT team, Simon Rawet and Kristian Varnai, have identified and reported numerous vulnerabilities in BMC Remedy. The vulnerabilities range from relatively benign to full remote code execution without authentication.