SECURITY ANALYSIS

Security Advisory on Micro Focus HPE Operations Agent 12.04.006

Apr 1, 2022 | News, Security Advisories

Our HeroLab analysts have performed a security analysis on the product HPE Operations Agent by Micro Focus. They identified an XXE (XML eXternal...

Security Advisory for Zulip <= v4.7

Mar 3, 2022 | Security Advisories

Our HeroLab analysts have performed a security analysis on the open-source collaboration software Zulip. They identified a server-side request...

Security Advisory for Thruk Monitoring < v2.46.3

Feb 22, 2022 | Security Advisories, News

Our analysts at usd HeroLab have examined the Thruk monitoring web interface for e.g. Naemon, Nagios or Icinga during their security analysis. A...

Security Advisory for Grafana < v8.1.3

Feb 2, 2022 | News, Security Advisories

Our analysts at usd HeroLab discovered security vulnerabilities in Grafana's input validation while performing their pentests. Through these...

Software Security: Static Code Analysis

Jan 31, 2022 | News

In practice, it is not an easy task for manufacturers to continuously integrate a strong security mindset into complex software projects. In our...

Software Security: Requirement and Threat Analysis

Jan 11, 2022 | News

In practice, it is not an easy task for manufacturers to continuously integrate a strong security mindset into complex software projects. In our...

Security Advisory for VMware Workspace ONE Intelligent Hub

Jan 6, 2022 | News, Security Advisories

Our usd HeroLab pentesters have identified a vulnerability in VMware Workspace ONE Intelligent Hub software while conducting their security...

Is Your Mainframe Protected against Hacker Attacks? Our Detailed Security Analysis Provides You with Answers

Aug 23, 2021 | News, Pentests & Security Analyses

As complex and exceptionally powerful systems, mainframes significantly exceed the capacities of a typical PC or server. Particularly in industries...

Chances and Risks of Single Sign-On Solutions

Jul 29, 2021 | News

Single Sign-On (SSO) is an authentication method that allows users to log into multiple applications and websites using the same login data. Lauritz...