Knowledge & News

January 24, 2025 |
by Mirko Richter
AI makes SAST Great Again!
Talk at the oop Conference for Software Architecture Do traditional tools like SAST or SCA have …
January 17, 2025 |
by Mirko Richter
New Brilliance for SAST
How LLMs can help make static source code analysis socially acceptable. The article in Java Magazin describes …
October 24, 2024 |
by Mirko Richter
Tool-supported source code analyses powered by LLMs
Talk at W-JAX Improving Application Security Analyses Using LLMs About the talk Even if …
October 16, 2024 |
by Mirko Richter
Security of Vaultwarden and Keepass analyzed for the BSI
Static Code Analysis (SAST) of Open Source Software On behalf of the German Federal Office for Information Security in the …
September 2, 2024 |
by Mirko Richter
Security of Matrix and Mastodon Analyzed for the BSI
Static Code Analysis (SAST) of Open Source Software On behalf of the German Federal Office for Information Security in the …
August 26, 2024 |
by Bastian Braun
Risks for Generative AI for Understanding and Taking Away
Talk at heise devsec About the talk Since the release of ChatGPT, no …
May 11, 2024 |
by Mirko Richter
HTML Injection in Vaultwarden
HTML injection vulnerability in the Vaultwarden admin dashboard. Do you trust a secure management of your access data? Admin dashboards are in the …
April 18, 2024 |
by Mirko Richter
Denial of Service in TYPO3 Bookmark Toolbar
TYPO3 security vulnerability in the backend bookmark system: How a single click can block the entire system. The stability and …
April 11, 2024 |
by Mirko Richter
Missing rotation of the organization key
Vulnerability in Vaultwarden's access management. Especially in times of increasing cybercrime, the protection of sensitive company data is …
March 11, 2024 |
by Mirko Richter
Missing authentication check for emergency access
Vaultwarden security vulnerability in emergency access. In today's digital world, the protection of sensitive access data is of …
