2017 OWASP A4 Update: XML External Entities (XXE)
Extensible Markup Language External Entities (XXE) is currently ranked fourth on OWASP’s 2017 Top Ten list of application security risks. Extensible Markup...
Tyra Appleby
Tyra Appleby is a CISSP certified lover of all things cybersecurity. After serving 4 years in the Navy as a Cryptologic Technician, she continued supporting various DoD and government agencies as a Systems Security Engineer. She has a passion for writing and research, particularly in the areas of Reverse Engineering and Digital Forensics. When she’s not working, you can find her at the beach with her Rottweiler Ava.
Page 3
How to Set Up a Web App Pentesting Lab in 4 Easy Steps
A pentesting lab can be a small entity used by one security tester, consisting of one or two computers; or it could be a larger set of networked computers behind...
A guide to preventing common security misconfigurations
Security misconfigurations are still part of OWASP’s Top 10 Security Risk list. This indicates they have been a persistent issue over the years. Security...
The Advantages & Disadvantages of Outsourcing Incident Response
Companies usually outsource tasks if they are more cost effective and can produce consistent results. Outsourcing incident response functions ensures a company...
A 10 step post-breach incident response checklist
Any organization with cyber-related assets needs to have a well written incident response (IR) plan. The incident response plan is meant to cover the procedures...
Phishing Attacks in the Hospitality Industry
The hospitality industry has been consistently hit with cyberattacks year after year. Fast food chains, large retailers, and every major hotel chain have been...
IT Auditor interview questions
IT auditors are responsible for performing independent verifications of an organization’s security posture. These positions can have many name variations...
OWASP Top 10 #3: Cross-Site Scripting (XSS)
Cross-site scripting (XSS) attacks involved the injection of malicious code into trusted websites. One of the traditional uses of XSS is a hacker stealing...
How Security Awareness Training Can Protect the Military
There stills seems to be no true consensus on the need for or importance of security training in the workplace. There are people on both sides of the argument...
Phishing Definition, Prevention, and Examples
Related articles in this section:
[clist id="1470243405619" post="35256"]
Phishing is a play on the word "fishing," as it is a way of “throwing out bait”...