The key to AppSec is early detection. Are you ready for a security checkup?

Prevention and detection are key tools in medicine. Stopping a serious illness from growing worse is easier when doctors find it early, because it usually saves the money, time, and physical and emotional stress that come with prolonged illness and aggressive treatment. There’s no comparison between the personal impact a serious illness has on patients […]

Understanding Session Management – One of OWASP Top 10 (Part 2)

Welcome to the second half of my two-part blog on Understanding Session Management. In part 1, we covered what session management is and started digging into some possible attack types associated with this vulnerability. Here we will continue to look into other associated attack types. 4. Cross-Site Request Forgery (CSRF) – Severity: High “Cross-Site Request […]

Understanding Session Management – One of OWASP Top 10 (Part 1)

Session Management has always been one of the OWASP Top 10. Take a look at the two most recent OWASP Top 10s. Top 10, 2013: A2 – Broken Authentication and Session Management. Top 10, 2017: A2 – Broken Authentication. Under the description of A2 of Top 10, 2017, it says, “Application functions related to authentication […]

Application Security Review Process – A Case Study

What is application security, or AppSec? Let’s talk about web application security first. OWASP was created in 2001 and has been known as the best community for web application security. Volumes of online resources for web application security defects, security testing, and security projects have been produced by OWASP. Yet web application security is only […]
