Reza Rashidi for DevSecOpsGuides · rezaduty-1685945445294.hashnode.dev · Mar 22, 2024
Secure Coding Cheatsheets
In today's interconnected digital landscape, security is paramount for developers across various platforms and programming languages. With cyber threats evolving rapidly, ensuring the security of software applications has become more critical than ev...
1.5K reads · Devops

CJ · devsecops101.hashnode.dev · Mar 19, 2024
Essential JavaScript Libraries for Boosting Your Web Application's Security
In the world of JavaScript development, ensuring the security of your applications is important. With cyber threats against applications evolving constantly, developers need to take advantage of robust tools and libraries to fortify their code agains...
1 like · Application Security

Jeremiah Liscum · mrliscum.com · Mar 9, 2024
Types of DOS Explained!
DDOS (Distributed Denial of Service) is one of the most well known types of cyber attacks. Ask anyone working in Information Technology and they will be able to give a general explanation of what it is. If you are someone who wants to learn more about D...
43 reads · #cybersecurity

Matt Biedronski · blog.gonskicyber.com · Feb 29, 2024
CVE-2023-5830: Critical Security Vulnerability in ColumbiaSoft Document Locator
Disclaimer: This information is being published for educational purposes only Background With the help of my colleague @micahvandeusen, in the late-summer of 2022 we identified and exploited a critical security vulnerability present within ColumbiaS...
484 reads · cve-2023-5830

Paras Sahu · webed.hashnode.dev · Feb 28, 2024
A Complete Guide to Access Tokens, Refresh Tokens, and Their Role in Enhancing Application Security
Access Tokens Access tokens are the token that confirms whether the specific user is authorized to perform a particular action in an application or not. Tokens are useful as they reduce the multiple login for authorization inconvenience of the user ....
Token Security

Panagiotis Vasilikos · securingbits.com · Jan 31, 2024
Multi Tenant Data Isolation Patterns
If you're building a multi-tenant SaaS business, data isolation can be challenging. Here are four common design patterns with their tradeoffs: 1. Server Isolation: each tenant's database is hosted on separate servers. This provides strong separat...
SaaS

Joel O. · joelodey.hashnode.dev · Jan 29, 2024
Lab: Password reset poisoning via middleware
Lab Scenario: Our mission is to investigate and exploit the password reset functionality of a simulated web application, demonstrating the risks associated with insecure implementations. Let's navigate through the solution using Burp Suite: Explorin...
PortSwigger Authentication Labs · websecurity

Panagiotis Vasilikos · securingbits.com · Jan 24, 2024
JSON Web Tokens (JWTs)
JSON Web Tokens (JWTs) are widely used to transfer security critical information between parties, as they can guarantee data integrity. However, it is important to be aware of the potential risks associated with their usage. 🔒
Application Security

Panagiotis Vasilikos · securingbits.com · Jan 17, 2024
UUID Sandwich Attacks
If you're using UUIDs (version 1) to implement security features in your application, you may be vulnerable to Sandwich Attacks. Solution: switch to version 4 UUIDs instead.
2 likes · 55 reads · Application Security

Suprit Ratnakar · supritratnakar.hashnode.dev · Jan 16, 2024
Fortify Your Digital Fortress: Crafting the Ultimate Application Security Policy
Organization: XYZ Purpose & Scope: This Application Security Policy outlines the security measures and best practices to protect the personally identifiable information (PII) and sensitive data collected and stored within XYZ’s application. The polic...
#cybersecurity