Secure Coding Training software security Application Security
Introduction Static code analysis testing with automated tools can enable analyzing large codebases in minutes and identify a wide range of vulnerabilities. But static analysis tools...
Continue Reading
software security Application Security
In the last twenty years, software applications have changed the way we work or do business. Software and in particular web applications store and handle increasingly more sensitive data....
Continue Reading
Secure Coding Training software security
Introduction SQL Injection is a software vulnerability that occurs when user-supplied data is used as part of a SQL query. Due to improper validation of data, an attacker can submit a valid...
Continue Reading
software security PCI Compliance
Introduction Ever since its formation in 2006, the PCI Security Standards Council (PCI SSC) has been striving to increase the security of the payment solutions and protect merchants against...
Continue Reading
software security PCI Compliance
In the previous articles, we discussed the first seven PCI DSS requirements and how to go above what is required in order to increase security. In this article, we talk about the last five...
Continue Reading
software security PCI Compliance
In the previous article, we discussed how the payment processing works and the first three PCI requirements. In this post we will explore the next four PCI DSS requirements. Requirement 4:...
Continue Reading
software security PCI Compliance
In the first post of this series, we discussed the Payment Card Industry Data Security Standard (PCI DSS), why it is important, and what the consequences are of being non-compliant. In...
Continue Reading
software security Application Security DevSecOps
Introduction Modern web browsers provide many built-in security mechanisms to defend against attackers. Same-origin policy, Cookie Policy, Content Security Policy, browser sandbox, and XSS...
Continue Reading
Secure Coding Training software security Application Security
And how do you build an application security program? Software development follows what is called a Software Development Lifecycle, or S D L C. It is a process used for developing software....
Continue Reading
Secure Coding Training software security Application Security
Introduction When it comes to federated identity there are three major protocols used by companies: OAuth 2, OpenID Connect, and SAML. In this article we will examine their security...
Continue Reading
