Web Application Security
-
Protecting your baby: The SAFER Framework for Secure Coding
In that dimly lit hospital room, I lifted that small and fragile baby. Even though my wife just gave birth to him, I instinctively loved him. I vowed to…
-
Password policy: a complete guide to protecting your users
Some break-ins happened in your neighborhood. So, you decided to turn your house into a fortress. You fortified the walls, installed alarm systems on all the windows and bought…
-
A complete guide to secure user account management
Imagine putting on a fake mustache, stepping into a company pretending to be the CEO, and firing everyone. Or, imagine putting on a sexy grin, going into MI6 offices…
-
A complete guide to secure password storage
I was staring blankly at my screen in disbelief. My heart was racing, and my fingers were shaking. My alarm clock was ringing, but it didn’t even make me…
-
CORS: the ultimate guide
Imagine visiting a website showing innocent kitten pictures. But behind all those cute feline creatures hides this website’s superpower. As soon as someone visits this website, the owner of…
-
Lock Down Your Admin Area: How to Control Access for Maximum Security
The White House Situation Room is the pinnacle of power in the USA and in the world. There, the president gets his security briefings, and from there he can…
-
The simple 3 step process to reduce your network exposure
In an n-tier architecture application, a client communicates with at least one service. This target service is hosted on a particular server. Let us take a web application as…
-
7 tips to make your upload API hack proof
If you allow users to upload files, you need to make sure your website is secure against common file upload attacks. This post helps you identify potential issues and…
-
How RCE Vulnerabilities Spell Disaster for Websites and Companies
Remote Code Execution (RCE) is a category of vulnerabilities. These allow an attacker to execute system commands on the server. A lot of vulnerabilities allow direct system command execution….