Some organizations run bug bounty programs as a way to identify and fix vulnerabilities within their production applications. A bug bounty program gives ethical hackers permission to test...
Continue Reading
Some organizations run bug bounty programs as a way to identify and fix vulnerabilities within their production applications. A bug bounty program gives ethical hackers permission to test...
Continue Reading
Coaches of sports teams would relish the chance to know their opponents' offensive playbook, so that they can prepare the right defensive schemes. Debate experts say you should...
Continue Reading
Secure Coding Training software security Application Security
Introduction Static code analysis testing with automated tools can enable analyzing large codebases in minutes and identify a wide range of vulnerabilities. But static analysis tools...
Continue Reading
software security Application Security
In the last twenty years, software applications have changed the way we work or do business. Software and in particular web applications store and handle increasingly more sensitive data....
Continue Reading
Secure Coding Training software security
Introduction SQL Injection is a software vulnerability that occurs when user-supplied data is used as part of a SQL query. Due to improper validation of data, an attacker can submit a valid...
Continue Reading
software security PCI Compliance
Introduction Ever since its formation in 2006, the PCI Security Standards Council (PCI SSC) has been striving to increase the security of the payment solutions and protect merchants against...
Continue Reading
software security PCI Compliance
In the previous articles, we discussed the first seven PCI DSS requirements and how to go above what is required in order to increase security. In this article, we talk about the last five...
Continue Reading
software security PCI Compliance
In the previous article, we discussed how the payment processing works and the first three PCI requirements. In this post we will explore the next four PCI DSS requirements. Requirement 4:...
Continue Reading
software security PCI Compliance
In the first post of this series, we discussed the Payment Card Industry Data Security Standard (PCI DSS), why it is important, and what the consequences are of being non-compliant. In...
Continue Reading
software security Application Security DevSecOps
Introduction Modern web browsers provide many built-in security mechanisms to defend against attackers. Same-origin policy, Cookie Policy, Content Security Policy, browser sandbox, and XSS...
Continue Reading
