Text4Shell (CVE-2022-42889) in Mobile Applications ... should I worry?
CVE-2022-42889 is a vulnerability in the Apache Commons Text Library caused by string interpolation abusing powerful handlers and present in popular application like Amazon Shopping, Udemy and Grammarly. This article goes over the applicability and risk of this vulnerability for Mobile Applications.
Mon 24 October 2022
New Dashboard, Better Insights
As a reflection of the many new capabilities and changes we have made, we have released a new dashboard providing better insights into an organization's security posture.
Thu 20 October 2022
OWASP Mobile Application Verification Standard Support
The Mobile Application Security Verification Standard is an important step toward building secure Mobile Applications. Ostorlab now adds support for generating compliance report for L1, L2 and Resilience levels.
Tue 04 October 2022
Tips and tricks for developing & debugging OXO Agents.
Tips and tricks to make your life easier when developing & debugging OXO Agents.
Thu 18 August 2022
Improved Attack Surface Discovery, Mobile and Web Security Scanning
Largest release with improvements to Attack Surface, Open-Source, Mobile and Web scanning and much much more.
Life of a Scan: how OXO's open-source vulnerability scanner works
This article talks about how OXO works under the hood.
Latest posts
Release of Attack Surface asset discovery
Introducing Attack Surface asset discovery, configurable assets, improved scan instrumentation, and enhanced plans management.
Mon 01 August 2022
Attack Surface Insights - part 2
Attack Surface is not just about open ports and services; this article covers key insights beyond the standard technical ones.
Thu 16 June 2022
Mapping your Attack Surface - part 1
Attack surface mapping has become the number one headache of CISO's of most large organization, this article goes over techniques and tools used by Ostorlab to enable powerful and accurate attack surface discovery and monitoring.
Tue 17 May 2022
What I've learned from my first job as a Software Engineer at Ostorlab
This article talks about the experience of Rabson Phiri who works as a Software Engineer at Ostorlab.
Tue 19 April 2022
Ostorlab vs. NowSecure vs. MobSF vs. Immuniweb vs. AppKnox vs. Quixxi vs. Oversecured
This article provides a comprehensive view of the security mobile security scanning solutions, while at the same time highlighting what truly differentiates them.
Mon 21 March 2022
Ostorlab is Open-Source 🎊
This is a major release open-sourcing Ostorlab and announcing tons of new features and capabilities.
Mon 21 February 2022
November-December 2021 / January-February 2022
We are pleased to announce a set of new improvements.
Tue 01 February 2022