• EN-USEN-US
    • PT-BRPT-BR
    • EN-USEN-US
  • Check our website
  • Know our product

Newsletter

Conviso AppSecConviso AppSec
Menu
  • Articles
    • Application Security
    • News
    • Infrastructure
  • Code Fighters
  • News
  • Tech
19 posts

Browsing category

Code Fighters

At Conviso, we believe that knowledge is more potent when it’s shared. Our Code Fighters Lab is composed by our Research and Development Team – Information Security Analysts dedicated to continuously studying Application Security, striving to promote relevant information for the AppSec community.

We are truly inspired by the ideal of AppSec as a culture. That’s why our professionals work daily to find new, innovative solutions to security challenges – to then share their findings and collaborate with the community.

Application SecurityCode Fighters
01/03/2023

How Subresource Integrity can help to secure your website

By João Ciconet
Subresource Integrity (SRI) is a technique that can help protect web applications against attacks originating from content providers. When…
Share
Application SecurityCode FightersNews
27/10/2022

Research: CVE-2021-43076 and the Risks Caused by Insecure Design

By Communication Team
In the latest edition of OWASP TOP 10 Vulnerabilities 2021, some new categories were introduced in their classifications. In this article…
Share
Application SecurityCode Fighters
13/10/2022

Tutorial for solving security challenges in Ruby on Rails for developers

By Gabriel Galdino
If you follow our social networks, it is very likely that you have come across some “Secure Coding Challenge” in order to identify a…
Share
Application SecurityCode FightersNews
29/09/2022

Case Study: Plone CVE-2021-33512 and Threat Modeling with Conviso Platform

By Danilo Costa
An internal project by Conviso’s Consulting team, called ConsultingLabs, was created with the aim of exploiting vulnerabilities. In…
Share
Application SecurityCode Fighters
23/05/2022

Bug hunting in the Janet language interpreter

By Ricardo Silva
In UMassCTF-2021 I was presented to an interesting project on a language called Janet. In this CTF we had two challenges to solve and the…
Share
Code Fighters
10/03/2022

CVE-2022-21831: Overview of the security issues we found in Rails’s image processing API

By Communication Team
During a security auditing of the Ruby on Rails source and its dependencies, we discovered two ways to exploit ActiveStorage’s image…
Share
Application SecurityCode Fighters
06/01/2022

Code Comprehension: What is it?

By Communication Team
Software Engineering Before discussing Code Comprehension, it is important to talk a bit about Software Engineering. There are some…
Share
Application SecurityCode Fighters
27/12/2021

Why are nonces important on CTR mode ciphers

By Communication Team
This article: “Why are nonces important on CTR mode ciphers” was written 3 years ago, and is available again on our blog. Good…
Share
Code FightersTech
12/11/2021

An introduction to secure code review on Go applications

By Gustavo Dutra
We have a new application or module written in the Go language that we want to analyze. So how do we approach that? You can also listen…
Share
Página 1 de 3123»
  • About Us

    With over 10 years specialized in application security projects, we are recognized in the market as one of the most experienced brazilian company in Application Security.

  • Check This Articles

    • Application Security

      Code Review versus Secure Code Review

      17/03/2023
    • Application SecurityProduct

      The best way to set up an Application Security Testing tool in your CI/CD

      16/03/2023

Conviso Application Security Todos os direitos reservados

Conviso AppSec
Proudly powered by WordPress Theme: Davenport.
 

Loading Comments...