security

How to Prevent Code Injection Vulnerabilities in Serverless Applications (Part 2/2)

By Manuel Benz

February 8, 2021

This article is part two of a series on how to prevent code injection attacks against Serverless applications using AWS Web application firewalls.

How to Prevent Code Injection Vulnerabilities in Serverless Applications (Part 1/2)

By Manuel Benz

November 25, 2020

This article is part one of a series on how to prevent code injection attacks against Serverless applications using AWS Web application firewalls.

ServerlessGoat Java

By Andreas Dann

November 6, 2020

We released an Java adaption of the OWASP Serverless Goat in our GitHub Repo.

The Myth of False Positives in Static Application Security Testing

By Johannes Späth

October 26, 2020

In this article, we explain the myth behind false positives and discuss two types of false positives.

Security vulnerabilities in the Corona-Warn-App

By Manuel Benz

June 16, 2020

Now that the Corona app is officially released, we are allowed to share our insights.

Sicherheitslücken in der Corona-Warn-App

By Manuel Benz

June 16, 2020

Jetzt wo die Corona-App offiziel veröffentlicht ist, dürfen wir über unsere Ergebnisse sprechen.