20th June 2019
XML injection attacks are nasty little exploits invented by hackers to help them compromise systems hosting XML databases. This includes the kinds of things that come to mind when one thinks about traditional databases - detailed stores of information about anything from medicines to movies.…
16th May 2019
Code injection attacks are among the most common, and also the most dangerous, that many websites and applications will encounter. They run the gamut both in terms of sophistication and in the danger that they pose, but nearly any site or app that accepts user input could be vulnerable.…
17th April 2019
Having been on both sides of the fence, I know all too well the tension that can arise between the development team and AppSec specialists when it comes to upholding security best practice. However, there is a better approach.…
4th April 2019
If an application has insufficient anti-automation checks in place, attackers can simply keep guessing at passwords until they find a match. Here's how to stop them.…
6th December 2018
Cross-site scripting (XSS) uses the trust of browsers and ignorance of users to steal data, take over accounts, and deface websites; it’s a vulnerability that can get very ugly, very quickly. Let’s take a look at how XSS works, what damage can be done, and how to prevent it.…
Jaap Karan Singh
