company logo


Our Product

We are Reshaping the way Developers find and fix vulnerabilities before they get exploited.



By Industry




IT & Telecom

By Role





Resource Library

Get actionable insight straight from our threat Intel lab to keep you informed about the ever-changing Threat landscape.

Threat Feeds

Threat Research

White Paper

SB Blogs

Subscribe to Our Weekly Threat Digest


Contact Us

Have queries, feedback or prospects? Get in touch and we shall be with you shortly.

Our Story

Our Team


Press & Media

Contact Us



SUNSPOT: An injective attempt to execute a manual supply chain attack

Threat actors leveraged SUNSPOT to automatically inject the SUNBURST backdoor into the Orion app build process after executing the manual supply chain attack.

6 min read

Related Articles


API Security

Application Security

Learn why APIs are becoming the new battleground for application security. Explo...

## Introduction Application programming interfaces (APIs) are the glue that holds together the modern world. They allow applications to communicate with each other, share data, and perform tasks. As a result, APIs are increasingly being used to access sensitive data and systems. This makes them a prime target for cyberattacks. In 2023, APIs are becoming the new battleground for application security. Here are some of the reasons why: - **The number of APIs is exploding:** The number of APIs in use is growing exponentially. In fact, it is estimated that there will be over 500 billion APIs in use by 2023. This growth is being driven by the increasing popularity of cloud computing, microservices, and DevOps. - **APIs are often poorly secured:** API security is often overlooked by developers. This is because APIs are often seen as a communication layer between applications, and not as a security boundary. As a result, APIs are often vulnerable to a variety of attacks, such as unauthorized access, injection attacks, and denial-of-service attacks. - **APIs are used to access sensitive data:** APIs are often used to access sensitive data, such as financial information, customer data, and intellectual property. This makes them a valuable target for attackers. The growing number of APIs, their poor security posture, and the sensitive data they often access make them a major target for cyberattacks. ## How to Mitigate API Security Risks? There are a number of steps that organizations can take to mitigate API security risks. These include: - **Implementing strong authentication and authorization controls:** This will help to prevent unauthorized access to APIs. - **Encrypting data in transit and at rest:** This will help to protect sensitive data from being intercepted or stolen. - **Using API security tools and services:** There are a number of API security tools and services available that can help to detect and prevent API attacks. - **Training developers on API security best practices:** Developers should be trained on how to develop secure APIs. By taking these steps, organizations can help to protect their APIs and the data they access. ## How Threatspy Can Help? Here are some of the ways Threatspy can help organizations mitigate API security risks: - **Comprehensive security scanning:** Threatspy uses advanced heuristic algorithms to scan APIs for a wide range of vulnerabilities, including SQL injection, cross-site scripting, and denial-of-service attacks. - **Accurate assessments:** Threatspy's scanning engine is highly accurate, minimizing false positives and providing organizations with accurate assessments of their API security posture. - **Automated remediation:** Threatspy can automatically remediate many API vulnerabilities, saving organizations time and money. - **Seamless integration:** Threatspy integrates with a wide range of workflow apps & CI/CD pipeline, making it easy for organizations to incorporate it into their existing security processes. **According to a recent report by Akamai, APIs are now the top target for attackers, accounting for 83% of web-related attacks.** With [Threatspy](, developers can confidently release secure APIs and applications, knowing that any vulnerabilities identified can be fixed and remediated in real-time. Threatspy's heuristic approach identifies both known & unknown vulnerabilities and prioritizes with a custom-built Reachability Framework, while its Auto Remediation Playbook and Mitigation Campaign streamline the remediation process and calculate ROI. This allows organizations to rapidly identify & mitigate vulnerabilities than they can today. To get started with Threatspy, [request a demo now !](

loading..   15-Jun-2023
loading..   3 min read

Application Security


Learn why relying solely on WAFs for application security is not enough. Discove...

Web Application Firewalls (WAFs) have become a go-to security tool for organizations looking to protect their websites & web applications from a whole host of cyberattacks. WAFs can effectively block many types of attacks, including cross-site scripting (XSS), SQL injection, and more. But what if we told you that your organization's web applications and APIs may still be at risk even if you have a WAF in place? In this blog post, we'll know the reasons why even with WAF, your organization is not safe! ### WAFs are not foolproof: While WAFs work by looking for known patterns or indicators of attacks in incoming traffic and blocking requests that match these patterns. However, hackers are also leveraging new techniques to bypass WAFs, making it difficult for WAFs to keep up with the ever-evolving threat landscape For example, an attacker can use obfuscation techniques to hide malicious payloads or encode payloads to evade pattern-based detection. Additionally, an attacker can use a slow attack rate or make slight variations to bypass WAFs' rate-limiting rules. In some cases, attackers can bypass WAFs entirely by exploiting application logic flaws that are outside the scope of WAFs. ### WAFs do not protect against all types of attacks: WAFs help protects against common web-based attacks, but do not provide comprehensive attacks. For example, WAFs are not designed to protect against attacks that primarily target the application vulnerability, such as code injection or misconfigured servers. They also do not protect against attacks that target users directly, such as phishing or social engineering. ### WAFs can cause false positives: WAFs can often generate false positives, blocking legitimate traffic and preventing users from accessing your application. False positives can occur due to various reasons, such as misconfiguration, inadequate rules, or unanticipated traffic patterns. For example, if you have an e-commerce website, a sudden surge in traffic during holiday sales might trigger a false positive and block legitimate traffic, leading to frustration among users and can also cause operational issues for your organization. Therefore, WAFs can be an important part of your application security strategy but shouldn't be relied upon as the sole means of protecting your application highlighting the imperativeness of adopting a comprehensive tool that manages it all from a single platform without any hiccups. This brings us to [Threatspy](, which enables teams to proactively manage known, unknown, and third-party vulnerabilities inside their applications by automating the detection, prioritization, and remediation process. It uses a heuristic approach to identify vulnerabilities and prioritize them with a custom-built Reachability Framework, providing a Security Posture score based on contextual analysis, allowing your organization to take a more comprehensive and effective approach towards protecting your applications & APIs from the inside out. Experience Threatspy in action with our [free trial!](

loading..   02-Mar-2023
loading..   3 min read


Application Security

In this blog, we discuss the underlying concepts of the Heuristic Application Se...

Application security scanning is a process used to identify security vulnerabilities in applications. Heuristic scanning is a type of application security scanning that uses rules and algorithms to identify security vulnerabilities in an application. This is different from signature-based scanning, which uses predefined signatures to detect possible vulnerabilities. In this [blog](, we will understand what heuristic application security scanning is and how it is different from traditional signature-based application security scanning. ## Heuristic Application Security Scanning Heuristic application security scanning does not need a database to detect vulnerabilities. This type of application security scanning uses rules and algorithms to identify vulnerabilities that signature-based scanning methods may not detect. This is why it is able to identify zero-day vulnerabilities, the ones that have been disclosed but don't have any available patch or fix, classifying them under the category of unknown vulnerabilities. ## Signature-Based Application Security Scanning Signature-based scanning is a traditional application security scanning process primarily used to identify known vulnerabilities by searching for predefined signatures. These scanners rely on a database of signatures, and their checks depend only on non-reliable criteria, such as the version details and numbers of the target web application, file paths, and directory structures, etc. due to that, they are more prone to reporting false positives in detecting vulnerabilities. This means they are ineffective at defending against ever-evolving attacks, constantly being updated to evade detection. ## Conclusion In conclusion, both heuristic application security scanning and signature-based application security scanning play a crucial role in the overall security of applications against modern threats. By using both methods to scan for vulnerabilities, organizations can ensure the overall security of applications. So we have developed [Threatspy](, a Heuristic AppSec Management Platform that enables an organization to proactively address the known, unknown & third-party vulnerabilities associated with their applications by adaptively automating the detection, prioritizations, and remediation process before threat actors exploit them. By staying attuned to the latest application security trends, organizations can outperform without worrying about their web applications and keep them safe from ever-evolving threats. Want to take the very first step towards integrating Heuristic Approach in your application security? Then [head over to request a demo]( to witness Threatspy in action!

loading..   07-Jan-2023
loading..   2 min read