What were your biggest AppSec questions and concerns in 2019? Want to find out what others’ were? Every January, we look at the most-read blog posts from the previous year, and it always proves to be a valuable exercise for us, and we hope for you as well. The posts below were favorites among our readers in 2019 and highlight the software security issues that were top of mind. Their popularity could also stem from the very practical advice they contain; we got the message, so look for more of the same in 2020!
Detailed information on vulnerabilities and exploits – and how to prevent and avoid
The blog posts below contain detailed explanations of vulnerabilities and exploits from our own research team and penetration testers. Clearly, there is an appetite for a first-hand closer look at how developers are creating vulnerabilities, and how attackers are exploiting them.
Exploiting Spring Boot Actuators
Exploiting JNDI Injections in Java
Data Extraction to Command Execution CSV Injection
The Top Five Web Application Authentication Vulnerabilities We Find
Managing open source risk
As in the past several years, blog posts on open source risk, and how Veracode helps to reduce it, landed in the top 10.
Introducing New Veracode Software Composition Analysis
How Veracode Scans Docker Containers for Open Source Vulnerabilities
Complying with AppSec regulations
As major data breaches continue to expose customers’ sensitive data and cause major monetary and reputation damage to organizations, regulators are taking notice. From the EU General Data Protection Regulation (EU GDPR) to the NY State Department of Financial Services (NY DFS) Cybersecurity Regulations, more regulations are including application security requirements, and complying with them is becoming a major driver for security professionals. In turn, two blog posts about cybersecurity regulations were featured on the most-read list for 2019.
PCI Releases Software Security Framework
Ohio Senate Bill 220 Incentivizes Businesses to Maintain Higher Levels of Cybersecurity