22nd December 2020
This vulnerability is more of a human or management problem that allows older APIs to remain in place long after they should have been replaced by newer, more secure versions.…
25th November 2020
The insufficient logging and monitoring flaw mostly happens as a result of a failed cybersecurity plan in regards to logging all failed authentication attempts, denied access, and input validation errors.…
12th November 2020
We’re thrilled to announce a brand new feature release on the Secure Code Warrior platform: Missions. This all-new challenge category is the next phase in developer-ified security training, moving users from the recall of security knowledge, to applying it in a real-world simulation environment.…
11th November 2020
It’s likely a little more prevalent in APIs, but attackers will often attempt to find unpatched flaws and unprotected files or directories anywhere in a network. Coming across an API that has debugging enabled or security features disabled just makes their nefarious work a little easier.…
21st October 2020
The mass assignment vulnerability was born as a result of many modern frameworks encouraging developers to use functions that automatically bind input from clients into code variables and internal objects.…