Image
3.6 K
views
16th September 2021 3580

HOW CAN THE OWASP DEPENDENCY TRACKER BE USED TO IMPROVE THE APPLICATION SECURITY LIFECYCLE?

Dependency Track is a free, open-source continuous component analysis platform that helps businesses discover and mitigate supply chain risk

Image
4.8 K
views
9th June 2022 4804

While testing sql injection why do testers frequently use single quotes

SQL injection is often referenced as the most common type of attack on websites. It is being used extensively by hackers and pen-testers on web applications.

Image
1.3 K
views
23rd June 2022 1338

What is spring4shell vulnerability and how to address this vulnerability

Spring is a popular lightweight Java platform application framework that enables developers to easily create Java applications with enterprise-level features

Image
1.2 K
views
5th October 2021 1210

Why Is It Important To Understand Owasp Automated Threats To Web Applications To Develop Better Security?

The primary goal was to create an ontology that would serve as a common language for developers,

Image
1.3 K
views
26th May 2022 1347

My Website has HTTPS implemented. Should i really worry about implementing HSTS.

HTTP and that all redirection to the site using HTTP should be changed to HTTPS requests by default.

Image
5.3 K
views
11th October 2018 5270

Server-Side Request Forgery-SSRF

Server-Side Request Forgery (SSRF) refers to an attack, wherein an attacker can send a maliciously crafted request from a vulnerable web application

Image
4.9 K
views
14th June 2022 4926

How hackers bypass file upload and how to prevent it?

Starbucks does have the best coffee in the world. But, do they have the best cybersecurity defense? ? Johnstone discovered It was possible to execute arbitrary code by uploading a webshell

Image
1.3 K
views
10th August 2021 1308

End to End Email Security with DMARC Records

DMARC also known as Domain Message Authentication, Reporting & Conformance is a technical standard that helps protect email senders and recipients from email related spoofing and phishing attacks

Image
6.5 K
views
4th May 2019 6462

Null Byte SQL Injection

Null Byte Injection is an exploitation technique which uses URL-encoded null byte characters to the user-supplied data. This injection process can alter the intended logic .

Image
2 K
views
29th April 2020 2040

Evolution of Ransomware and the trends in 2020

Nowadays the biggest danger that we come across and also something that we are about to face in future is The cyber threat the crime that happens via internet and technology.

Image
2.4 K
views
3rd October 2018 2386

CWE-78 Improper Neutralization Of Special Elements Used In An OS Command Injection

OS command injection is a technique used via a web interface in order to execute OS commands on a web server. The user supplies operating system commands through a web interface in order to execute OS commands.

Image
3.5 K
views
4th May 2019 3500

How to secure your Github repository?

GitHub is a hosting platform which helps developers to collaborate in building software’s. It helps the developers to manage source code management.

Image
1.2 K
views
21st December 2021 1195

Security Flaws in Third Party Apps

One thing that you have to remember is that outside parties such as auditors, customers don’t care how vulnerabilities got into your environment. Even if your hands are tied, application security flaws can and likely will .

Image
1.2 K
views
23rd September 2021 1209

What is the Difference Between AWS Vs Azure Vs Google from a Cloud Security Standpoint

These services are designed to provide easy, affordable access to applications and resources, without the need for internal infrastructure or hardware

Image
1.6 K
views
16th November 2021 1559

6 Cybersecurity measures that Organizations tend to overlook

Cyberattacks are a major nuisance that aren't going anywhere anytime soon. Growing at an estimated 15% year over year, cybercrime costs to organizations worldwide are forecast to reach $10.5 trillion annually by 2025.

Image
2.5 K
views
13th December 2021 2509

What and How to address LOG4J CVE-2021-44228 Vulnerability?

CVE-2021-44228 is the name of the zero-day vulnerability, which can affect any programme that logs user input. The effect may be seen in a variety of places, including Minecraft, which registers the names of users.

Image
3.8 K
views
3rd October 2018 3813

CWE-79 Improper Neutralization Of Input During Web Page Generation Cross-Site Scripting

Cross-site scripting (XSS) is one of the most prevalent, obstinate, and dangerous vulnerabilities in web applications.