Search for a command to run...
Articles tagged with #appsec
Today marks an exciting day for all of us here at Pixee, and maybe in appsec? Excuse me some founder panaché. The Problem: Proving Exploitability Is Hard One of the hardest, most detail-oriented, and time consuming things to do with SAST is to try to...
XSS is one of the more serious things in appsec, and it's pretty prevalent. It’s also one of those things that is super hard to find accurately via static analysis. And, vendors don’t want to miss it — so, typically any data that gets to a response, ...
AI rightfully refuses to relinquish its place in our cultural conversation, and so I thought I'd share a few interesting things we've noticed at Pixee making an AI product security engineer. I hope that others might find validation, understanding, or...
Wait, you don't send the fixes into the IDE? When I first tell people at Pixee that we send Pull Requests (or Merge Requests, for your GitLabers) to fix vulnerable code, they always look at us quizzically for a second -- whether they be partners, pr...
The predominant hobby of my teenage years and the main focus of my first 10 years of my career was a mix of very similar activities: code review, bug hunting, exploit development, and building scanners/reviewing scanner output. One particularly inten...