SEC Consult Vulnerability Lab discovered a critical code injection vulnerability (CVE-2020-6262) with a CVSSv3 Score of 9.9 in SAP® Service Data Download (a part of the SAP® Solution Manager Plugin ST-PI).
On 2020-04-20, thefirst virtual meetingof the OWASP Vienna chapter took place. I (Thomas Kerbl - SEC Consult) was invited to talk about my experiences with Secure Software Development based onOWASP SAMM, the Security Assurance Maturity Model.
You have certainly read some articles with very good recommendations on IT security in the home office over the last few days. We have also looked at these articles and would like to add a few more helpful points.
For the foreseeable future and against the background of the current Covid-19 situation, increased reliance on electronic communications systems will be essential to the well-being of the people in organizations.
With the opening of a new office location in Bochum, SEC Consult is expanding its presence in Germany and responding to the increasing demand for IT security checks and for the professional analysis of software for critical security gaps.
DevOps is well on the way to becoming the primary development approach for all CI / CD-compatible applications, especially for mobile apps and web services. Ulrich Fleck (Chief Revenue Officer, SEC Consult Group) explains what is important.
SEC Consult has been observing the development and application possibilities of blockchain technologies for some time. These technologies could also be used in individual areas of security consulting. Within the scope of a recent research project, possible scenarios for the preservation of evidence after cyberattacks were examined in more detail.