Why Oxeye
Solutions
Open Source
Company
CareersBlogGet a Demo

Oxeye Blog

Ron Vider
CTO & Co-Founder
Why SAST can not support cloud native apps
Jan 24, 2022

Why SAST doesn’t work in a cloudy world: 3 reasons SAST can’t support cloud native apps

Static application security testing tools (SAST), fail to provide the security measures required for cloud native apps. They lack context and are often limited to only one programming language, framework, or sets of libraries.

Read More
Ron Vider
CTO & Co-Founder
DAST Diagram
Jan 4, 2022

DAST & Cloud-Native Web Apps - Like Bringing a Knife to a Gunfight

Dynamic Application Security Testing tools (DAST), and why they fail to successfully test cloud native apps for code vulnerabilities. DAST tools lack the visibility into the communication layer of both app, container and cloud.

Read More
Ron Vider
CTO & Co-Founder
PII leak open telemetry
Dec 22, 2021

How insecure application tracing and telemetry may lead to sensitive data and PII leakage

Recently, Oxeye’s research team discovered several scenarios where sensitive data was leaked through tracing and telemetry collection within cloud-native applications.

Read More
Ron Vider
CTO & Co-Founder
Dec 21, 2021

How Legacy AST Tools Fail to Secure Cloud Native Applications

Herein is an overview of AST and the challenges that DAST, SAST, IAST, and SCA tools face when assessing vulnerabilities in cloud native applications.

Read More
Daniel Abeles
Head of Research
Dec 14, 2021

How Contextual Risk Analysis Helps AppSec Teams Better Mitigate Log4Shell (CVE-2021-44228)

Oxeye helps identify and mitigate the Java logging package Log4j vulnerability dubbed Log4Shell (or LogJam CVE-2021-44228) with context

Read More
Yifat Mor
VP Marketing
Nov 24, 2021

Why Microservices and Cloud Native Requires a New Security Testing Approach

Given the intricacies of cloud native apps, it's critical for organizations to prioritize security during their build phase

Read More
Nikolay Sokolik
Software Engineer
Nov 9, 2021

Contributing Open Source Code to the OpenTelemetry Project

OpenTelemetry is an open-source project by the Cloud Native Computing Foundation (CNCF).

Read More
Daniel Abeles
Head of Research
Oct 28, 2021

When Cloud Native Application Security Testing Fails: A Real-World Analysis

Cloud native application vulnerabilities are not singular events, but rather complex flows. Our blog brings a few real-life examples from Shopify.

Read More
Ron Vider
CTO & Co-Founder
Oct 18, 2021

The Cloud Native Application Security Challenges and How to Avoid Them

Over 500 million applications will be deployed using cloud-native approaches by 2023, according to IDC.

Read More
Dean Agron
CEO & Co-Founder
Oct 10, 2021

Introducing Oxeye - Cloud-Native Application Security Testing, Here We Come

Cloud-native has evolved from a marketing term into a highly desirable and useful architecture choice, yielding significant benefits for designing.

Read More

See How Oxeye Can Help You

Experience the complete functionalities of Oxeye ; schedule time with our team for a live demo.

Get a Demo
HomeSolution
BlogCompany
Careers We're Hiring!Get a Demo
2022 All rights reserved
Privacy PolicyTerms of Use