Resources
Featured Scantist Articles
Read all about application security, open source risk management and DevSecOps here
Open Source
Announcing the Launch of Scantist's New DevSecOps Platform
Explore the future of secure software development with Scantist's innovative DevSecOps platform. Learn about advanced security features, seamless integration, and how this platform is reshaping the landscape of software development practices.
Scantist Blogs
What is DevSecOps & How does it work? | Scantist
Learn what DevSecOps is and how it can improve your organization's security posture. Find out how to implement it to improve collaboration.
The Complete Guide to Application Security | Scantist
Application security is the practice of adding features or functionality to software to protect against attacks. Here’s everything you need to know about it.
Your Guide to Open-Source Vulnerabilty Scanner- Scantist
Do you need an open-source vulnerability scanner? Here’s the answer to all your questions about vulnerability scanners.
Case Study
Evaluating the health of the development lifecycle
Find out how Thompson (Scantist's Software Composition Analysis tool) helped Deputy analysed the health of their development environment and track the dependency of components within their infrastructure while preventing the invalidity of their applications with the presence of legacy systems.
Application Evaluation for Investment Decision
A merchant banking firm was looking to invest in a start-up HR tech company. Prior to making a decision, it is critical to understand and evaluate the proposition of the tech company and verify the integrity of codes used in its applications and systems.
Fuzzing for server-like programs
Find out how Hollerith (Scantist's Smart Fuzzer) helped our client, Big Telco, disclosed exploitable vulnerabilities despite its server-like programs which rendered existing fuzzing solutions infeasible.
Vulnerability Library
CVE-2022-43286
Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory copy in the function njs_json_parse_iterator_call at njs_json.c.
CVE-2022-37623
Prototype pollution vulnerability in function resolveShims in resolve-shims.js in thlorenz browserify-shim 3.8.15 via the shimPath variable in resolve-shims.js.
CVE-2022-3373
Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)