
XXE Injection Attacks: 3 Ways They Can Hit You Hard
What is an XXE Injection? Web / Mobile Applications, Word Processors, Web Services, and Content Management Platforms use the […]
October 13, 2020

How to Integrate ZAP with Jenkins: A Step by Step Guide
Let’s start by understanding why we want to integrate ZAP with Jenkins in the first place. You’re probably here because […]
October 6, 2020

Your Excel Sheets Are Not Safe! Here’s How to Beat CSV Injection
Here’s something a lot of you might not have thought much about: security vulnerabilities in your Excel sheet. Well, not in […]
October 5, 2020

Why Authorisation is Still a Major Security Issue in Your Web Apps
When you look at the biggest trends in software development in the last few years, Web and Mobile apps stand […]
September 22, 2020

How Contained are your Issues with Containers?
In 1948, an American chemist named Earl Tupper introduced a new type of plastic container. It was a fantastic […]
September 8, 2020

The 10 Step Application Security Test
Securing apps is a major challenge and achievement for any organization. For an app to be secure, it should not […]
September 3, 2020

3 Reasons You Should Be Threat Modelling Today
Let’s be straight here. I’m sure a lot of you have the sneaking suspicion that this article and threat modelling […]
August 20, 2020

7 Features that make ZAP Great for Application Security Testing
Why do we love ZAP for Application Security Testing? The Zed Attack Proxy (ZAP) is one of the most widely-used […]
August 13, 2020

5 Mistakes to Avoid in Enterprise Security Management
A lot of organisations think of Enterprise Security Management like a bad roommate — can’t live with ‘em, can’t live […]
August 6, 2020

Top 10 Security Risks In Serverless
How does security work in Serverless? When you go serverless, it’s the serverless provider (e.g. AWS Lambda, Google Cloud Functions […]
July 27, 2020

The AppSec Skill Gap and what we’re doing to Fix it!
If you had told anyone about 30 years ago that there would be a way for anyone in the world […]
April 30, 2020

Why Development and Security Teams need Holistic Learning
One of the primary causes that hinder effective application security in organisations is the rift between development (engineering) and security […]