HackEDU Blog

Secure Coding Training Secure Development Training Application Security

Background Most companies have an Incident Response Plan these days. With an increasing number of data breaches, having a plan in place is important so that all stakeholders (Security,...

Secure Coding Training software security Application Security

Introduction When it comes to federated identity there are three major protocols used by companies: OAuth 2, OpenID Connect, and SAML. In this article we will examine their security...

Application Security DevSecOps

You’ve decided to integrate DevSecOps into your software development operations. That’s an important first step to improving your product’s overall security by including it into the...

Application Security DevSecOps

DevOps, that combination of software development and IT operations, is designed to improve the development life cycle, getting software to market quicker and improve overall deployment. But...

Application Security Security Champion

Your company has decided to add security champions to improve your overall security postures, and you’ve chosen great candidates to take on this role. The next step is to define the...

Secure Coding Training Secure Development Training Application Security

Click here to try hacking the Struts 2 Vulnerability and learn more with HackEDU's hands-on Struts 2 application. Introduction On 22 August 2018, a Semmle security researcher disclosed a...

Application Security Security Champion

Security champions should be an integral part of your security team. When this position was first introduced five or so years ago as part of the cybersecurity structure, the security...

Secure Coding Training Application Security

The vast majority of application security teams are under resourced. Application security teams should scale with development teams, but this rarely happens. So, given this disadvantage,...

Secure Coding Training Application Security

Introduction Command injection is similar to SQL injection, but instead of injecting into a SQL query, you are injecting a command into the Operating System. User data can be input to...

Secure Coding Training Application Security

Introduction SQL Injection vulnerability allows attackers to alter database queries to take actions other than what the developer intended. This could allow an attacker to bypass...