Visit HackEDU

HackEDU Blog

 

HackEDU Blog

Topics

Stay up to date

Topic: Software Security

Secure Coding Training software security Application Security

Secure Code Review Best Practices

Introduction Static code analysis testing with automated tools can enable analyzing large codebases in minutes and identify a wide range of vulnerabilities. But static analysis tools...

Continue Reading

software security Application Security

SAST vs DAST vs IAST

In the last twenty years, software applications have changed the way we work or do business. Software and in particular web applications store and handle increasingly more sensitive data....

Continue Reading

Secure Coding Training software security

How to prevent SQL Injection vulnerabilities: How Prepared Statements Work

Introduction SQL Injection is a software vulnerability that occurs when user-supplied data is used as part of a SQL query. Due to improper validation of data, an attacker can submit a valid...

Continue Reading

software security PCI Compliance

PCI Secure Software Lifecycle (Secure SLC)

Introduction Ever since its formation in 2006, the PCI Security Standards Council (PCI SSC) has been striving to increase the security of the payment solutions and protect merchants against...

Continue Reading

software security PCI Compliance

How to Go Beyond PCI Compliance to Secure Your Organization: Requirements 8-12

In the previous articles, we discussed the first seven PCI DSS requirements and how to go above what is required in order to increase security. In this article, we talk about the last five...

Continue Reading

software security PCI Compliance

How to Go Beyond PCI Compliance to Secure Your Organization: Requirements 4-7

In the previous article, we discussed how the payment processing works and the first three PCI requirements. In this post we will explore the next four PCI DSS requirements. Requirement 4:...

Continue Reading

software security PCI Compliance

How to Go Beyond PCI Compliance to Secure Your Organization: Requirements 1-3

In the first post of this series, we discussed the Payment Card Industry Data Security Standard (PCI DSS), why it is important, and what the consequences are of being non-compliant. In...

Continue Reading

software security Application Security DevSecOps

Same-Origin Policy And Cross-Origin Resource Sharing (CORS)

Introduction Modern web browsers provide many built-in security mechanisms to defend against attackers. Same-origin policy, Cookie Policy, Content Security Policy, browser sandbox, and XSS...

Continue Reading

Secure Coding Training software security Application Security

What is a Secure Software Development Lifecycle & how do you build an appsec program?

And how do you build an application security program? Software development follows what is called a Software Development Lifecycle, or S D L C. It is a process used for developing software....

Continue Reading

Secure Coding Training software security Application Security

Common Federated Identity Protocols: OpenID Connect vs OAuth vs SAML 2

Introduction When it comes to federated identity there are three major protocols used by companies: OAuth 2, OpenID Connect, and SAML. In this article we will examine their security...

Continue Reading

Stay up to date
HackEDU-Icon

HackEDU helps teams “shift left” and reduce vulnerabilities. HackEDU offers hands-on Secure Development Training to reduce vulnerabilities software.

Learn More

Important Links
phone.svg

+1 (804) 742-2533
email.svg

info@hackedu.com
Copyright @ 2021. All Right Reserved.