John Gamble for Pangea Blog · pangea.cloud · Dec 5, 2024
  Permissions don’t persist in AI apps and that’s a big problem
  I’ve spent many weeks on the road this past quarter speaking to teams all over the country about their AI product initiatives and I am struck by a particular challenge I’ve heard repeatedly expressed: when developing retrieval-augmented generation (R...
  29 reads · authorization
Harshal Shah · delvingwithharshal.hashnode.dev · Oct 9, 2024
  Comprehensive Guide to Brute Force Attacks: Examples, Detection, and Prevention Tactics
  In the realm of cybersecurity, Brute Force Attacks stand as one of the most fundamental and common threats. Despite their simplicity, they can be incredibly dangerous if left unchecked. This blog explores what a brute force attack is, presents a real...
  Fortify and Defend: Navigating the Cybersecurity Landscape · bruteforcing
Harshal Shah · delvingwithharshal.hashnode.dev · Sep 25, 2024
  Open Redirection Attacks: Comprehensive Analysis with Practical Cases
  In the world of web application security, Open Redirection Attacks often go unnoticed but pose significant threats if left unchecked. These attacks can be exploited by malicious actors to redirect unsuspecting users to untrusted or malicious websites...
  Fortify and Defend: Navigating the Cybersecurity Landscape · open redirection
Harshal Shah · delvingwithharshal.hashnode.dev · Sep 17, 2024
  LFI and RFI: A Deep Dive with Real-World Examples
  LFI (Local File Inclusion) and RFI (Remote File Inclusion) are two common web application vulnerabilities that allow attackers to include files on the server, potentially leading to unauthorized access, code execution, or data disclosure. LFI (Local ...
  76 reads · Fortify and Defend: Navigating the Cybersecurity Landscape · code security
Esther Okafor · estherokafor.com · Sep 11, 2024
  Strengthening API Security: A QA Engineer's Guide to the OWASP Top 10
  APIs are everywhere. They're the silent workhorses powering your favourite apps, from ordering food to streaming movies and so much more. But with great power comes great responsibility. And in the world of software, that responsibility falls partly ...
  31 reads · api security
Harshal Shah · delvingwithharshal.hashnode.dev · Sep 5, 2024
  Insecure Direct Object Reference (IDOR) Attacks Explained: Comprehensive Guide
  Insecure Direct Object Reference (IDOR) is a common web application security flaw that occurs when an application exposes references to internal objects like files, database entries, or user records, which should not be accessible by unauthorized use...
  Fortify and Defend: Navigating the Cybersecurity Landscape · #cybersecurity
Harshal Shah · delvingwithharshal.hashnode.dev · Aug 28, 2024
  Command Injection Attacks: A Critical Cybersecurity Threat
  In the realm of cybersecurity, command injection attacks stand out as one of the most potent and dangerous forms of attack. These attacks exploit vulnerabilities in applications to execute arbitrary commands on a server, leading to potential system c...
  1 like · Fortify and Defend: Navigating the Cybersecurity Landscape · Web Security
Harshal Shah · delvingwithharshal.hashnode.dev · Aug 21, 2024
  Understanding Cross-Site Scripting (XSS) Attacks: What You Need to Know
  Cross-Site Scripting (XSS) is one of the most common and dangerous security vulnerabilities affecting web applications today. Despite being well-known, XSS continues to be a significant threat, impacting websites and users across the globe. In this b...
  Fortify and Defend: Navigating the Cybersecurity Landscape · websecurity
Elom Emmanuel · scansio.hashnode.dev · Jul 24, 2024
  Mastering OWASP Top 10: Transform Your Security Analyzer into a Code Auditing Powerhouse
  Absolutely! Let's spice things up with some OWASP-flavored security auditing. We'll expand our code to cover some of the OWASP Top 10 vulnerabilities. Buckle up, because we're about to turn our security analyzer into the Swiss Army knife of code audi...
  OWASP TOP 10
Nipun Hegde · codecloudcapital.hashnode.dev · Jul 19, 2024
  Tackling OWASP Top 10 Vulnerabilities in Java Spring framework
  In the realm of web application security, the OWASP (Open Web Application Security Project) Top 10 list is a crucial resource. It identifies the most critical security risks to web applications. Understanding these vulnerabilities and knowing how to ...
  36 reads · Springboot