all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Discovering Shadow Vulnerabilities in Popular Open-Source Projects A Journey Through Reverse-Fuzzing

Add to bookmarks
Jan. 29, 2024, 2:41 a.m. | OWASP Foundation

OWASP Foundation www.youtube.com

In a world full of vulnerabilities, there is an untold story of those libraries that are insecure by design. For example, libraries that by using them in a certain way, the application could be compromised. Not all libraries' security issues are treated as vulnerabilities and addressed with a patch or CVE, hence addressed with minor documentation warnings at best. These vulnerabilities pose a significant risk to organizations as they are nearly impossible to detect, we named them "Shadow Vulnerabilities".

We …

application compromised design fuzzing insecure insecure by design journey libraries patch popular projects reverse security security issues shadow story vulnerabilities world

Visit resource

More from www.youtube.com / OWASP Foundation

Meet OWASP Top 10 for LLM Apps at RSA! 2 weeks, 2 days ago | www.youtube.com
apps calling conference foundation +14
AI and API Security Panel 2 weeks, 5 days ago | www.youtube.com
api apis apisec api security +31
OWASP Spot 1 month, 1 week ago | www.youtube.com
foundation managed owasp
The State of Secure DevOps - Security enables Velocity 2 months, 1 week ago | www.youtube.com
accelerate can challenge change +17
OpenCRE.org - Universal Translator for Security 2 months, 1 week ago | www.youtube.com
authors business business risk code +19
Level Up Your Security Champions (and Your Program) 2 months, 1 week ago | www.youtube.com
application application security build current +12
How to Avoid Potholes When Scaling Your Application Security Program 2 months, 1 week ago | www.youtube.com
application application security build companies +13
Bootstrap Your Software Security with OWASP SAMM 2.1 2 months, 1 week ago | www.youtube.com
assurance development framework lifecycle +10
“Shift Left” Isn’t What You Expected 2 months, 1 week ago | www.youtube.com
address elephant impact isn +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cybersecurity Engineer

@ Booz Allen Hamilton | USA, VA, Arlington (1550 Crystal Dr Suite 300) non-client
View on infosec-jobs.com

Invoice Compliance Reviewer

@ AC Disaster Consulting | Fort Myers, Florida, United States - Remote
View on infosec-jobs.com

Technical Program Manager II - Compliance

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Head of U.S. Threat Intelligence / Senior Manager for Threat Intelligence

@ Moonshot | Washington, District of Columbia, United States
View on infosec-jobs.com

Customer Engineer, Security, Public Sector

@ Google | Virginia, USA; Illinois, USA
View on infosec-jobs.com
View more jobs