security
New OWASP Mobile Top 10
Release of new OWASP Mobile Top 10 with improvements, updates and a behind the scenes.
Mon 27 November 2023
Ostorlab's Victory at the Swiss Cyber defence Security Challenge 2023
Ostorlab clinches the top spot in the Swiss Cyber defense Security Challenge, showcasing their commitment to advancing application security automation.
Fri 10 November 2023
One Scheme to Rule Them All: OAuth Account Takeover
This article delves into the exploitation of OAuth account takeover using app impersonation through custom scheme hijacking, an overlooked vulnerability pattern affecting most OAuth providers and consequently many popular applications including apps with over 1B downloads.
Tue 17 October 2023
Security Enhancements, Compliance Mapping, and User Experience Upgrades
New release brings advanced security measures, compliance mapping, and user experience enhancements, including URL injection and OAuth account takeover detection, PCI/GDPR compliance mapping, and a 10x speedup in secret detection. Enjoy improved PDF reports, a new ticket/remediation UI, and better search capabilities.
Fri 13 October 2023
August Fix-it!
During our recent Fix-It Week 🛠️😃, our dedicated team put in a tremendous effort to address and resolve over 107 issues affecting our systems.
Latest posts
ZIP Exploitation: Critical Vulnerabilities Found in Popular Zip Libraries in Swift and Flutter
Recent in-depth investigations reveal serious vulnerabilities discovered in widely-used zip packages in Flutter and Swift, posing serious security risks for thousands of developers and applications. Our article delves into the technical aspects of these vulnerabilities, explaining their discovery, implications and mitigation strategies.
Fri 04 August 2023
Extended Dependency Detection
Ostorlab now supports uploading an SBOM or Lockfile for extended dependency detection.
Tue 18 July 2023
CircleCI and AppCenter CI/CD integrations
Addition of CircleCI and AppCenter CI/CD integrations.
Tue 11 July 2023
New Features & Fixes in July 2023
We're excited to bring you a host of enhancements and features: open-source Flutter vulnerability detection, extended social auth support for Google and Github, AI-enhanced summaries, a sleek notification UI, and advanced search filters. We've improved geofencing support for India and UK, added new Flutter-specific detection rules, and fixed bugs in various areas. With a freshly redesigned blog and smoother navigation testing for Webview on Android and iOS, we're making your experience even better.
Sat 01 July 2023
Automation rule policies, Artifacts redesign, improved detection and much more.
An overview of all the new features of the Ostorlab platform and its detection capabilities.
Fri 14 April 2023
GodFather Android Malware Analysis
In This article, we analyze the GodFather Android malware, which continues to appear in various formats and primarily targets banking and cryptocurrency applications to steal money and sensitive information for the users.
Fri 14 April 2023
Ostorlab Achieves SOC2 Type 2 Certification for Commitment to Security and Data Protection
Ostorlab has successfully completed its SOC2 Type 2 audit, demonstrating its commitment to security and data protection.
Wed 12 April 2023
Ostorlab, top 10 vulnerability management innovators of 2023 by GRC Viewpoint
Ostorlab has been selected as one of the top 10 vulnerability management innovators of 2023 by GRC Viewpoint.
Mon 16 January 2023
Changelog
View all changesSecurity Enhancements, Compliance Mapping, and User Experience Upgrades
Fri 13 October 2023
August Fix-it!
Tue 08 August 2023
Extended Dependency Detection
Tue 18 July 2023