Latest news with #PortSwigger
Business Wire
6 days ago
- Business Wire
PortSwigger Research Sheds Light on HTTP/1.1 Vulnerabilities, Urges Industry Shift Toward Safer Protocols
KNUTSFORD, England--(BUSINESS WIRE)--PortSwigger, a renowned application security software provider, is issuing a bold challenge to the web security community: it's time to retire HTTP/1.1 for good. At Black Hat USA and DEF CON, James Kettle, Director of Research at PortSwigger, unveils the fourth wave of his research that takes aim at 'HTTP request smuggling,' a critical and widespread vulnerability that affects even some of the most mature, security-conscious organizations. PortSwigger first brought this class of vulnerabilities to prominence in 2019. Now, new research shows that over 22 million websites – including major household names – have remained susceptible to brand new variants of these attacks. Drawing on six years of research, Kettle is calling on the technology community to recognize that request smuggling is not simply an implementation flaw, but rather an inherent vulnerability in the HTTP/1.1 protocol. 'The time has come to acknowledge that this isn't an issue with individual websites, but a fundamental flaw that's baked into the protocol,' said PortSwigger's Director of Research, James Kettle. 'Over the last six years, the industry has not properly fixed request smuggling. It's time we recognize that we can't patch our way to a secure HTTP/1.1 - the foundation is broken and only safe for the simplest of systems. The only real solution is to cut the problem out at the root by retiring the now decades-old technology that still underpins around 50% of communication between browsers and websites - HTTP/1.1.' PortSwigger is supporting Kettle's research with a call to action: Groundbreaking new research – James Kettle's 2025 desync paper demonstrates novel vectors never before seen. New educational resources – A hands-on Web Security Academy lab teaches the latest request smuggling techniques in a safe environment. Enhanced Burp Suite tooling – New versions of HTTP Request Smuggler and the brand-new HTTP Stream Hacker allow researchers to test for these issues both manually and through scalable automation. PortSwigger stands alone in the cybersecurity industry by offering an unparalleled combination of original research, comprehensive training resources, and deeply integrated testing tools. With Burp Suite Professional and Burp Suite DAST, security professionals are uniquely empowered to detect complex infrastructure-level vulnerabilities, including advanced request smuggling variants that often evade traditional scanning solutions. Through these innovative offerings, PortSwigger is leading the way toward a safer, more secure web. Read Kettle's research here: PortSwigger is a leading provider of web application security solutions, best known for its industry-leading Burp Suite software. The company is dedicated to equipping security professionals and organizations with the tools and knowledge to stay ahead of evolving cyber threats. Learn more at
Business Wire
05-05-2025
- Business
- Business Wire
PortSwigger Expands Global Footprint, Opening New Offices in London and Atlanta
KNUTSFORD, England--(BUSINESS WIRE)--PortSwigger, a renowned application security software provider, announced today the opening of two new office locations in London, UK and Atlanta, Georgia, USA. This marks a major milestone in the company's continued global growth and commitment to supporting customers worldwide. These new hubs – The Jellicoe in London and Ponce City Market in Atlanta – are intentional investments in PortSwigger's future, enabling the company to attract exceptional talent, support customers locally and scale its strategy while staying true to its roots. Dafydd Stuttard, PortSwigger's founder and CEO, said, "Taking PortSwigger global isn't about going bigger - it's about getting closer. Closer to our customers, and to the talent that will continue to shape our future. Establishing a presence in London and Atlanta represents an exciting step for Portswigger and the important impact we can have securing the web globally.' The Jellicoe is in the heart of London's innovation corridor, within arm's reach of top-tier tech talent, customers and partners. Designed to reflect PortSwigger's unique culture, the space is crafted for creative thinking and collaboration, with a view to becoming a magnet for Swiggers who want to shape the future of web security. Across the Atlantic, PortSwigger's new Atlanta office in the iconic Ponce City Market provides the company a strategic foothold in a fast-growing tech and cybersecurity ecosystem. With over half of PortSwigger's customers based in North America, this location significantly boosts its ability to serve clients effectively - while offering Swiggers a vibrant, well-connected place to thrive. Both offices are designed with PortSwigger's people in mind, leveraging open, collaborative environments that foster curiosity, craftsmanship and continuous learning. As it scales, the company is committed to maintaining the PortSwigger experience across every geography, ensuring its culture remains as strong in Atlanta and London as it is in Knutsford. These expansions align directly with the company's 2025 strategy, supporting the growth of its enterprise-ready solutions and helping strengthen its presence in key global markets. To learn more about career opportunities at PortSwigger or to get in touch with the teams in London and Atlanta, visit PortSwigger is a leading provider of web application security solutions, best known for its industry-leading Burp Suite software. The company is dedicated to equipping security professionals and organizations with the tools and knowledge to stay ahead of evolving cyber threats. Learn more at
