Application security

Many critics of the Open Web Application Security Project (OWASP) Top Ten list view insufficient logging and monitoring, new on the list in 2017, as more of...

It does not take a rocket scientist to understand using components with known vulnerabilities is a very poor choice. While solving this issue may sound straightforward,...

The Open Web Application Security Project (OWASP) is a volunteer group whose goal is to build a more robust Internet. One of their flagship publications is...

Extensible Markup Language External Entities (XXE) is currently ranked fourth on OWASP’s 2017 Top Ten list of application security risks. Extensible Markup...

Injection is a type of security flaw that has topped the OWASP Top Ten since around 2010. This means it is not a new vulnerability, and despite information...

The Open Web Application Security Project (OWASP) is a global, nonprofit organization aiming to improve the security of applications and raise awareness of...

The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular web application security testing tools. It is made available for free as an open source...

Microsoft has started developing cross-platform integrations into Windows 10. The Windows Subsystem for Linux (WSL) is an example of one these integrations...

Security vulnerabilities that are created through the serialization of sensitive data are well known, yet some developers are still falling into this trap....

If you have ever been at the epicenter of a security breach relating to online web apps and services, you know just how important your system logs can be as...