Oxeye revealed five predictions expected to shape enterprise security spending in 2023. The predictions follow industry-wide research, which shows the industry is shifting away from legacy software infrastructure and standardizing on cloud-native applications – resulting in the need for new and more effective approaches to cloud-native application security.
Oxeye on Tuesday predicted that as more applications are built with a cloud-native approach, application and cloud security will converge in 2023.
Attackers could exploit the "Sandbreak" security bug, which has earned a 10 out of 10 on the CVSS scale, to execute a sandbox escape, achieve RCE, and run shell commands on a hosting machine.
Oxeye researchers discovered a severe vm2 vulnerability (CVE-2022-36067) that has received the maximum CVSS score of 10.0. Called SandBreak, this new vulnerability requires R&D leaders, AppSec engineers, and security professionals to ensure they immediately patch the vm2 sandbox if they use it in their applications.
Israeli cloud-native application security testing firm Oxeye discovered that the way URL parsing is implemented in some Go-based applications creates vulnerabilities that could allow threat actors to conduct unauthorized actions.
A new vulnerability found in GoLang-based applications allows a threat actor to bypass validations under certain conditions and gain unauthorized access to cloud-native applications, Oxeye researchers have found.
Security researchers have discovered a new vulnerability called ParseThru affecting Golang-based applications that could be abused to gain unauthorized access to cloud-based applications.
In cloud native environments, the usual alphabet soup of application security testing tools just don’t cut it anymore, according to Dean Agron, cofounder of Israeli-based Oxeye, which is forging a different path.
Oxeye, provider of award-winning cloud-native application security testing platform, today announced the general availability of its Cloud Native Application Security Testing (CNAST) platform at KubeCon 2022.
Eliminate uncertainty from the application security process, and save your development and AppSec teams time.