Security

Text4Shell (CVE-2022-42889) in Mobile Applications ... should I worry?

CVE-2022-42889 is a vulnerability in the Apache Commons Text Library caused by string interpolation abusing powerful handlers and present in popular application like Amazon Shopping, Udemy and Grammarly. This article goes over the applicability and risk of this vulnerability for Mobile Applications.

Alaeddine Mesbahi
Mon 24 October 2022

Product

New Dashboard, Better Insights

As a reflection of the many new capabilities and changes we have made, we have released a new dashboard providing better insights into an organization's security posture.

Thu 20 October 2022

Product

OWASP Mobile Application Verification Standard Support

The Mobile Application Security Verification Standard is an important step toward building secure Mobile Applications. Ostorlab now adds support for generating compliance report for L1, L2 and Resilience levels.

Tue 04 October 2022

Engineering

Tips and tricks for developing & debugging OXO Agents.

Tips and tricks to make your life easier when developing & debugging OXO Agents.

Thu 18 August 2022

Product

Improved Attack Surface Discovery, Mobile and Web Security Scanning

Largest release with improvements to Attack Surface, Open-Source, Mobile and Web scanning and much much more.

Thu 18 August 2022

Engineering

Life of a Scan: how OXO's open-source vulnerability scanner works

This article talks about how OXO works under the hood.

Tue 02 August 2022

Latest posts

Product

Release of Attack Surface asset discovery

Introducing Attack Surface asset discovery, configurable assets, improved scan instrumentation, and enhanced plans management.

Mon 01 August 2022

Security

Attack Surface Insights - part 2

Attack Surface is not just about open ports and services; this article covers key insights beyond the standard technical ones.

Thu 16 June 2022

Security

Mapping your Attack Surface - part 1

Attack surface mapping has become the number one headache of CISO's of most large organization, this article goes over techniques and tools used by Ostorlab to enable powerful and accurate attack surface discovery and monitoring.

Tue 17 May 2022

Product

March-April-May 2022

We are pleased to announce a set of new improvements.

Sun 01 May 2022

Engineering

What I've learned from my first job as a Software Engineer at Ostorlab

This article talks about the experience of Rabson Phiri who works as a Software Engineer at Ostorlab.

Tue 19 April 2022

Product

Ostorlab vs. NowSecure vs. MobSF vs. Immuniweb vs. AppKnox vs. Quixxi vs. Oversecured

This article provides a comprehensive view of the security mobile security scanning solutions, while at the same time highlighting what truly differentiates them.

Mon 21 March 2022

Product

Ostorlab is Open-Source 🎊

This is a major release open-sourcing Ostorlab and announcing tons of new features and capabilities.

Mon 21 February 2022

Product

November-December 2021 / January-February 2022

We are pleased to announce a set of new improvements.

Tue 01 February 2022

Changelog

View all changes

Better UI, more concise scan report improved detection of insecure webview usage, and multiple bug fixes.

 Tue 23 April 2024

Objetive C instrumentation, detection of insecure data storage, Regex DoS, and multiple bug fixes.

 Mon 15 April 2024

Detection of Apple's Privacy Manifest, liblzma backdoor, and Attack Surface fixes.

 Mon 01 April 2024

Addition of CSS Injection Detection, ARM64 support, and migration of Agent's Docker Images.

 Mon 25 March 2024
Previous
5 of 12
Next