PortSwigger

Overview

PortSwigger is a UK-based company founded in 2008, specializing in software solutions within the security software sector. The company focuses on addressing vulnerabilities in web applications, as evidenced by its published research articles. Notable themes in their documentation include the critical security risks associated with web application template engines, particularly Server-Side Template Injection (SSTI), which can lead to Remote Code Execution (RCE). Their research outlines methodologies for detecting and exploiting these vulnerabilities, emphasizing the ease with which developers can inadvertently expose their applications to attacks. PortSwigger's documents also discuss the implications of using unsafe user input within templates and provide case studies on popular template engines, highlighting the importance of secure coding practices. The company’s commitment to enhancing web application security is further reflected in their ongoing research efforts, contributing valuable insights to the field of cybersecurity.

Industry