Secure your code, from the start.
In many ways, the remote file inclusion vulnerability is much more dangerous, and also easier to exploit, than its local file counterpart. As such, it should be found and remedied as soon as possible.…
This year, the PCI Security Standards Council released an all-new set of software security guidelines as part of their PCI Software Security Framework. This update aims to bring software security best practice in-line with modern software development.…
XML injection attacks are nasty little exploits invented by hackers to help them compromise systems hosting XML databases. This includes the kinds of things that come to mind when one thinks about traditional databases - detailed stores of information about anything from medicines to movies.…
Code injection attacks are among the most common, and also the most dangerous, that many websites and applications will encounter. They run the gamut both in terms of sophistication and in the danger that they pose, but nearly any site or app that accepts user input could be vulnerable.…
Having been on both sides of the fence, I know all too well the tension that can arise between the development team and AppSec specialists when it comes to upholding security best practice. However, there is a better approach.…
Jaap Karan Singh
Pieter Danhieux
