James · silent-byte.hashnode.dev · Dec 12, 2024 · Certified AppSec Practitioner (CAP) Exam: A Comprehensive Overview · I just passed the Certified AppSec Practitioner (CAP) exam, and I'm excited to share my experience, and resources used to prepare and important topics! Something I Wanna Say: I believe the most exciting way to prepare for this exam is to dive into e... · 47 reads · Secops Certification Reviews & Resources · appsec
Ben-Hur Santos Ott · blog.guiadeappsec.com.br · Nov 29, 2024 · AppSec Newsletter 0038 · Links 🎖️ Regular Monitoring of Git Repositories to Identify PII Data with AWS Macie | Gustavo Rorato eBPF Foundation Releases Security Threat Model and Audit Reports | TheNewStack Supply Chain Attacks Targeting LLM Application Develo... · 55 reads · appsec
b1d0ws · b1d0ws.hashnode.dev · Nov 19, 2024 · AppSec Project - Chapter 4, SAST Tools and Containerization · Introduction Hello! Today, we’ll explore testing various SAST tools to evaluate their effectiveness in helping us secure our application. Additionally, we’ll containerize our app and make final adjustments to bring the project to completion. Our bran... · 120 reads · pentesting
Rosecurify · log.rosecurify.com · Nov 17, 2024 · Seclog - #100 · "The enemy does not check your risk register prior to attacking." - Sun Tzu, The Art of Cyber War 📚 SecMisc PoisonTap - Exploiting locked computers through USB peripherals, demonstrating techniques to bypass security measures on locked machines. Re... · seclog · BlueHat2024
b1d0ws · b1d0ws.hashnode.dev · Nov 7, 2024 · AppSec Project - Chapter 3, Enhancing Security · Introduction In today’s article, we will focus on implementing several enhancements to improve the overall security of our web application. While most of these changes do not address specific vulnerabilities, they play a crucial role in mitigating po... · 122 reads · Posts · appsec
b1d0ws · b1d0ws.hashnode.dev · Oct 29, 2024 · AppSec Project - Chapter 2, Manually fixing more vulnerabilities · Introduction Hello, and welcome to chapter 2 of our AppSec project! If you're not up to speed with what's going on, be sure to start with chapter 1. Today, we'll continue our journey of manually fixing vulnerabilities. Without further delay, let's st... · 160 reads · Posts · Security
Varkey Thomas · skinnyidiot.hashnode.dev · Oct 27, 2024 · Server Side Request Forgery · Intro: This vulnerability allows an attacker to force the server side of a web application to make requests to normally unauthorized locations. Brief: Compared to the previous lab where the goal was to access the administrator panel by modifying a req... · appsec
Ben-Hur Santos Ott · blog.guiadeappsec.com.br · Oct 25, 2024 · AppSec Newsletter 0037 · And here we are with another edition of our newsletter! New video on the Guia de AppSec channel https://www.youtube.com/watch?v=-lLgMupOqIw Links 🎖️ Google | If It’s Not Secure, It Should Not Compile: Preventing DOM-Based XSS in Large-Scale Web Development ... · 117 reads · appsec
b1d0ws · b1d0ws.hashnode.dev · Oct 23, 2024 · AppSec Project - Chapter 1, Manually fixing vulnerabilities · Introduction Hello, welcome to the b1d0ws appsec project! The idea here is to introduce you, with a few articles, to a process of building, fixing vulnerabilities and integrating a python website with application security. I'm a beginner in this proc... · 234 reads · Posts · appsec
Chama Jennane for freeCodeCamp · freecodecamp.org · Oct 9, 2024 · How to Strengthen Your Code: Essential Secure Design Principles for Developers · Secure design principles have long been the foundation for building secure systems. And they remain a crucial aspect of modern cybersecurity. Introduced in 1975 by Saltzer and Schroeder in their landmark paper The Protection of Information in Compute... · secure coding