all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Discovering Shadow Vulnerabilities in Popular Open-Source Projects A Journey Through Reverse-Fuzzing

Add to bookmarks
Jan. 29, 2024, 2:41 a.m. | OWASP Foundation

OWASP Foundation www.youtube.com

In a world full of vulnerabilities, there is an untold story of those libraries that are insecure by design. For example, libraries that by using them in a certain way, the application could be compromised. Not all libraries' security issues are treated as vulnerabilities and addressed with a patch or CVE, hence addressed with minor documentation warnings at best. These vulnerabilities pose a significant risk to organizations as they are nearly impossible to detect, we named them "Shadow Vulnerabilities".

We …

application compromised design fuzzing insecure insecure by design journey libraries patch popular projects reverse security security issues shadow story vulnerabilities world

Visit resource

More from www.youtube.com / OWASP Foundation

OWASP 2024 Global AppSec Lisbon -- Promo 2 weeks, 5 days ago | www.youtube.com
foundation managed owasp
Security for Citizen Developers: Low-Code/No-Code Cybersecurity Threats 3 weeks, 4 days ago | www.youtube.com
foundation managed owasp
Meet OWASP Top 10 for LLM Apps at RSA! 1 month, 3 weeks ago | www.youtube.com
apps calling conference foundation +14
AI and API Security Panel 1 month, 3 weeks ago | www.youtube.com
api apis apisec api security +31
OWASP Spot 2 months, 2 weeks ago | www.youtube.com
foundation managed owasp
The State of Secure DevOps - Security enables Velocity 3 months, 2 weeks ago | www.youtube.com
accelerate can challenge change +17
OpenCRE.org - Universal Translator for Security 3 months, 2 weeks ago | www.youtube.com
authors business business risk code +19
Level Up Your Security Champions (and Your Program) 3 months, 2 weeks ago | www.youtube.com
application application security build current +12
How to Avoid Potholes When Scaling Your Application Security Program 3 months, 2 weeks ago | www.youtube.com
application application security build companies +13

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com