Secure your code, from the start.
While secure coding needs to become a mandatory component of software engineering at the tertiary level, some universities are leading the charge in providing top-notch training and prioritizing security as part of the development process from the very beginning.p…
Insecure deserialization can happen whenever an application treats data being deserialized as trusted. If a user is able to modify the newly reconstructed data, they can perform all kinds of malicious activities such as code injections, denial of service attacks or elevating their privileges.…
It truly boggles the mind that many places still rely on classrooms, dry textbooks and mind-numbing video training to get their best and brightest on-board with new initiatives, especially when there’s a far better, more engaging and more valuable way to learn: contextual training.…
The XML External Entity Injection attack, sometimes simply abbreviated as XXE injection, is relatively new, but it’s extremely popular among hacking communities right now, and growing even more so as it racks up successes.…
If an attacker can insert a CR or LF code into an existing application, they can sometimes change its behavior. The effects are less easy to predict compared with most attacks, but can be no less dangerous to the target organization.…
Pieter Danhieux
Jaap Karan Singh
