Search here...

Author: Balwurk

Balwurk > Articles by: Balwurk

CVE-2023-27171 – Improper Verification of Cryptographic Signature

Context During an authorised penetration testing assessment of Xpand IT Write-Back software, Balwurk's security team found multiple security vulnerabilities, first disclosed to the customer and then responsibly submitted to the MITRE CVE program. This vulnerability allows an attacker to craft…

Read More

CVE-2023-27170 – Improper Limitation of a Pathname to a Restricted Directory

During an authorised penetration testing assessment conducted on Xpand IT's Write-Back software, Balwurk's security team found multiple security vulnerabilities, first disclosed to the customer and then responsibly submitted to the MITRE CVE program. The discovered vulnerability allows an attacker to…

Read More

Partnership between Balwurk and Check Point

Balwurk, a consultancy company dedicated to providing application security services, is moving steadily forward in its quest to deliver excellence in AppSec & Cloud Security. To achieve this goal, we are pleased to announce our recent partnership with Check Point…

Read More

CVE-2023-27169 – Use of Hard-coded Cryptographic Key

During an authorised penetration testing assessment of Xpand IT Write-Back software, Balwurk's security team found multiple security vulnerabilities, first disclosed to the customer and then responsibly submitted to the MITRE CVE program. The discovered vulnerability allows an attacker to retrieve…

Read More

Partnership between Balwurk and Synopsys

We are proud to announce the recently formed partnership with Synopsys, a global leader in Application Security (AppSec). By combining their expertise, the two companies are dedicated to helping organizations establish trust in their software by taking a holistic approach…

Read More

How is Application Security addressed in Quadro Nacional de Referência para a Cibersegurança (QNRCS)?

What can be done to improve application security within the QNRCS? That's what we intend to answer in these lines. At the end of this article, you will know where to find the essential information to drive and maintain your…

Read More

Partnership between Balwurk and Probely

We are excited to announce our partnership with Probely, a leading provider of application security testing solutions. With this partnership, Balwurk can now offer our clients a cutting-edge Software-as-a-Service (SaaS) solution for dynamic application security testing (DAST) and an API-first Development Approach.…

Read More