Root cause of Equifax hack is web app vulnerability

cASE sTUDY

Root cause of Equifax hack is web app vulnerability

Once again, the root cause of the Equifax hack is a web app vulnerability. These type of vulnerabilities have been around for over a decade but are still so relevant today. Each developer should be given the tools to avoid introducing these problems in the first place through training and real-time guidance while developing code.

Equifax said it discovered the breach on July 29. "Criminals exploited a U.S. website application vulnerability to gain access to certain files," the company said.

View Resource

Once again, the root cause of the Equifax hack is a web app vulnerability. These type of vulnerabilities have been around for over a decade but are still so relevant today. Each developer should be given the tools to avoid introducing these problems in the first place through training and real-time guidance while developing code.

Equifax said it discovered the breach on July 29. "Criminals exploited a U.S. website application vulnerability to gain access to certain files," the company said.

Author

Matias Madou, Ph.D.

Matias is a researcher and developer with more than 15 years of hands-on software security experience. He has developed solutions for companies such as Fortify Software and his own company Sensei Security. Over his career, Matias has led multiple application security research projects which have led to commercial products and boasts over 10 patents under his belt. When he is away from his desk, Matias has served as an instructor for advanced application security training courses and regularly speaks at global conferences including RSA Conference, Black Hat, DefCon, BSIMM, OWASP AppSec and BruCon.

Matias holds a Ph.D. in Computer Engineering from Ghent University, where he studied application security through program obfuscation to hide the inner workings of an application.

‍

The Resource Hub

Related Articles We Recommend

LLMs: An (im)perfectly human approach to secure coding?

While it is looking inevitable that LLM-style AI technology will change the way we approach many aspects of work - not just software development - we must take a step back and consider the risks beyond the headlines. And as a coding companion, its flaws are perhaps its most “human” attribute.

Read Post

Feb 1, 2024

Company

The Power of Nine: Growing Secure Code Warrior’s legacy in an exciting time for cybersecurity

Read Post

Jan 24, 2024

Vulnerabilities

The XZ Utils backdoor in Linux points to a wider supply chain security issue, and we need more than community spirit to keep it at bay

Read Post

Apr 11, 2024

Image of light traveling at high speed with the text "Cut vulnerabilities by 50%"

Reduce vulnerabilities by half with agile learning

Read Post

Nov 1, 2023

Resource Hub

Want more?

Dive into onto our latest secure coding insights on the blog.

Our extensive resource library aims to empower the human approach to secure coding upskilling.

View Blog

Want more?

Get the latest research on developer-driven security

Our extensive resource library is full of helpful resources from whitepapers to webinars to get you started with developer-driven secure coding. Explore it now.

Resource Hub

One Culture of Security: How Sage built their security champions program with agile secure code learning

Going beyond compliance: How Secure Code Warrior empowered Netskope developers to code cloud solutions at scale

Reaping the benefits of AI innovation depends on starting with secure code

The ultimate guide to security trends in financial services

Root cause of Equifax hack is web app vulnerability

Root cause of Equifax hack is web app vulnerability

Table of contents

Matias Madou, Ph.D.

Top 10 predictions for 2024

Secure Code Warrior 2024 predictions in cybersecurity

Why developers need security skills to effectively navigate AI development tools

Predicts 2024: Generative AI is reshaping software engineering

Going beyond compliance: How Secure Code Warrior empowered Netskope developers to code cloud solutions at scale

LLMs: An (im)perfectly human approach to secure coding?

While it is looking inevitable that LLM-style AI technology will change the way we approach many aspects of work - not just software development - we must take a step back and consider the risks beyond the headlines. And as a coding companion, its flaws are perhaps its most “human” attribute.

The Power of Nine: Growing Secure Code Warrior’s legacy in an exciting time for cybersecurity

The XZ Utils backdoor in Linux points to a wider supply chain security issue, and we need more than community spirit to keep it at bay

Reduce vulnerabilities by half with agile learning

Dive into onto our latest secure coding insights on the blog.

Our extensive resource library aims to empower the human approach to secure coding upskilling.

Get the latest research on developer-driven security

Our extensive resource library is full of helpful resources from whitepapers to webinars to get you started with developer-driven secure coding. Explore it now.

Root cause of Equifax hack is web app vulnerability

The ultimate guide to security trends in financial services

Predicts 2024: Generative AI is reshaping software engineering

Taking charge of vulnerability alerts

Connect

Community

Company

Help & Support

Connect

Community

Company

Help & Support

Root cause of Equifax hack is web app vulnerability

Root cause of Equifax hack is web app vulnerability

Table of contents

Matias Madou, Ph.D.

Related Articles We Recommend

Top 10 predictions for 2024

Secure Code Warrior 2024 predictions in cybersecurity

Why developers need security skills to effectively navigate AI development tools

Predicts 2024: Generative AI is reshaping software engineering

Going beyond compliance: How Secure Code Warrior empowered Netskope developers to code cloud solutions at scale

Related Articles We Recommend

LLMs: An (im)perfectly human approach to secure coding?

While it is looking inevitable that LLM-style AI technology will change the way we approach many aspects of work - not just software development - we must take a step back and consider the risks beyond the headlines. And as a coding companion, its flaws are perhaps its most “human” attribute.

The Power of Nine: Growing Secure Code Warrior’s legacy in an exciting time for cybersecurity

The XZ Utils backdoor in Linux points to a wider supply chain security issue, and we need more than community spirit to keep it at bay

Reduce vulnerabilities by half with agile learning

Dive into onto our latest secure coding insights on the blog.

Our extensive resource library aims to empower the human approach to secure coding upskilling.

Get the latest research on developer-driven security

Our extensive resource library is full of helpful resources from whitepapers to webinars to get you started with developer-driven secure coding. Explore it now.

Root cause of Equifax hack is web app vulnerability

More Great Resources Like this

The ultimate guide to security trends in financial services

Predicts 2024: Generative AI is reshaping software engineering

Taking charge of vulnerability alerts

Connect

Community

Company

Help & Support

Connect

Community

Company

Help & Support