Tag

Vulnerability Mitigation

Tencent Technical Engineering
Apr 10, 2025 · Information Security

AI-Generated Code Introduces XSS Vulnerabilities: A Case Study and Security Guidance

The Woodpecker team shows that AI‑generated code, exemplified by Simon Willison’s HTML slideshow tool, can embed unsanitized inputs that create exploitable XSS flaws, and they recommend zero‑trust AI prompts, rigorous input filtering, CSP, AI‑assisted scanning, and secure supply‑chain practices to mitigate such risks.

AI security, CSP, Simon Willison

JD Tech
May 26, 2023 · Information Security

JD Cloud RASP Runtime Application Self‑Protection: Architecture, Principles, and Best Practices

This article examines JD Cloud's Runtime Application Self‑Protection (RASP) technology, detailing its background, architecture, working principles, security advantages over traditional WAF and SAST/DAST, practical 0‑day protection examples, deployment scenarios, operational practices, and real‑world performance in large‑scale promotions and national‑level cyber‑exercises.

Cloud Native, RASP, Runtime Protection

Aikesheng Open Source Community
Dec 15, 2021 · Information Security

How to Patch the Apache Log4j2 Vulnerability in Dble

This guide explains four remediation methods for the Log4j2 security flaw in Dble, including upgrading to Log4j2 2.16.0, adding a configuration property, adjusting JVM parameters for older versions, and setting a system environment variable, with detailed step‑by‑step instructions and code snippets.

DBLE, Java, Vulnerability Mitigation

Laiye Technology Team
Nov 17, 2020 · Information Security

Comprehensive Security Practices and Vulnerability Mitigation at Laiye Technology

This article details Laiye Technology's end‑to‑end security strategy—including application hardening, password policies, brute‑force defenses, SQL injection, XSS and CSRF mitigations, privilege controls, secure file uploads, code‑review standards, and infrastructure vulnerability scanning—to protect sensitive data and AI‑driven robot platforms from a wide range of attacks.

Access Control, CSRF, SQL injection