Secure Coding Practices – Broken Authentication & Session Management
Overview Many application security attacks target user authentication and session management. A successful attack can lead to unauthorized access to […]
Secure Coding Practices – Cross-Site Scripting (XSS)
Overview Cross-Site Scripting (XSS) is a type of injection attack. This attack targets end users by running malicious script on […]
Third Party & Open Source Component Management
Introduction No application development is completed without use of third party and open source libraries now-a-days. These libraries save developers […]
New Security Bugs in Town – Meltdown & Spectre
Introduction There have been a lot of buzz around two new processor vulnerabilities called Meltdown & Spectre. In this post, […]
Analyzing a Recent Malware – W97 Downloader
We are facing high time in Word based macro downloaders. These documents use variety of techniques to hide malicious code […]
Cloud Security – Managing Risk Through Risk Assessment
Introduction Cloud security, for any organization moving or already having its data, application or infrastructure on cloud platform, is a […]
Secure Coding Practices – SQL Injection
Overview SQL Injection is a well-known application vulnerability which is at the top in OWASP Top 10 vulnerabilities list since […]