Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

April 2022

CyRC Vulnerability Analysis: CVE-2022-1271 in gzip, but it's not as bad as it sounds

CVE-2022-1271 is a new vulnerability affecting gzip, a widely used open source component for archiving, compressing, and decompressing files. CVE-2022-1271, also tracked in the Black Duck KnowledgeBase™ as BDSA-2022-0958, is a bug in gzip, a file format and software application used for archiving, compressing, and decompressing files.

What is the maturity level of your AppSec program?

Using the Forrester assessment, you can measure the maturity of your AppSec program to help identify areas for improvement. Any organization that wants to secure its software should make maturity of its AppSec program its holy grail. Maturity means making security the first thought, not an afterthought. It means embedding security into software throughout the development life cycle, not trying to patch it at the last minute before production.