b1d0ws · b1d0ws.hashnode.dev · Nov 19, 2024 · AppSec Project - Chapter 4, SAST Tools and Containerization · Introduction Hello! Today, we’ll explore testing various SAST tools to evaluate their effectiveness in helping us secure our application. Additionally, we’ll containerize our app and make final adjustments to bring the project to completion. Our bran... · 85 reads · pentesting
Rosecurify · log.rosecurify.com · Nov 17, 2024 · Seclog - #100 · "The enemy does not check your risk register prior to attacking." - Sun Tzu, The Art of Cyber War 📚 SecMisc PoisonTap - Exploiting locked computers through USB peripherals, demonstrating techniques to bypass security measures on locked machines. Re... · seclog · BlueHat2024
b1d0ws · b1d0ws.hashnode.dev · Nov 7, 2024 · AppSec Project - Chapter 3, Enhancing Security · Introduction In today’s article, we will focus on implementing several enhancements to improve the overall security of our web application. While most of these changes do not address specific vulnerabilities, they play a crucial role in mitigating po... · 106 reads · Posts · appsec
b1d0ws · b1d0ws.hashnode.dev · Oct 29, 2024 · AppSec Project - Chapter 2, Manually fixing more vulnerabilities · Introduction Hello, and welcome to chapter 2 of our AppSec project! If you're not up to speed with what's going on, be sure to start with chapter 1. Today, we'll continue our journey of manually fixing vulnerabilities. Without further delay, let's st... · 143 reads · Posts · Security
Varkey Thomas · skinnyidiot.hashnode.dev · Oct 27, 2024 · Server Side Request Forgery · Intro: This vulnerability allows an attacker to force the server side of a web application to make requests to normally unauthorized locations. Brief: Compared to the previous lab where the goal was to access the administrator panel by modifying a req... · appsec
Ben-Hur Santos Ott for Guia de AppSec :: Blog · blog.guiadeappsec.com.br · Oct 25, 2024 · AppSec Newsletter 0037 · And here we are with another edition of our newsletter! New video on the Guia de AppSec channel https://www.youtube.com/watch?v=-lLgMupOqIw Links 🎖️ Google | If It’s Not Secure, It Should Not Compile: Preventing DOM-Based XSS in Large-Scale Web Development ... · 101 reads · appsec
b1d0ws · b1d0ws.hashnode.dev · Oct 23, 2024 · AppSec Project - Chapter 1, Manually fixing vulnerabilities · Introduction Hello, welcome to the b1d0ws appsec project! The idea here is to introduce you, with a few articles, to a process of building, fixing vulnerabilities and integrating a python website with application security. I'm a beginner in this proc... · 219 reads · Posts · appsec
Chama Jennane for freeCodeCamp · freecodecamp.org · Oct 9, 2024 · How to Strengthen Your Code: Essential Secure Design Principles for Developers · Secure design principles have long been the foundation for building secure systems. And they remain a crucial aspect of modern cybersecurity. Introduced in 1975 by Saltzer and Schroeder in their landmark paper The Protection of Information in Compute... · secure coding
The Firewall · blogs.thefirewall.org · Oct 1, 2024 · Shift Left with The Firewall Appsec Platform: The Future of Accessible Cybersecurity · The Current State of Security In today's rapidly evolving digital landscape, cybersecurity is more critical than ever. However, the reality is stark: the frequency and severity of security breaches are on the rise. Businesses, both large and small, a... · 1 like · 140 reads · cybersecurity
Arshan Dabirsiaghi · nahsra.hashnode.dev · Sep 25, 2024 · A note from the AI front lines · AI rightfully refuses to relinquish its place in our cultural conversation, and so I thought I'd share a few interesting things we've noticed at Pixee making an AI product security engineer. I hope that others might find validation, understanding, or... · 99 reads · AI