2d ago · 16 min read · In Part 1 and Part 2 of this series, we examined directory traversal from a developer's perspective, covering attack vectors, secure coding patterns, Apache Commons IO usage, frontend security conside
Apr 20 · 22 min read · In Part 1, we discussed the basics of directory traversal attacks, attack vectors, vulnerable code structures, and the essential mitigation techniques, including secure Spring Boot usage. In
Apr 13 · 6 min read · Introduction As part of my ongoing Web3 security journey, I’ve started studying the OWASP Top 10 for DeFi, beginning with one of the most critical categories: Access Control Vulnerabilities. Access co
Apr 12 · 9 min read · On April 3, 2026, Microsoft released the Agent Governance Toolkit — the first open-source framework to address all 10 OWASP Agentic AI risks with deterministic, sub-millisecond policy enforcement. If you are building autonomous agents in 2026, this i...
Apr 7 · 16 min read · Directory traversal vulnerabilities are at the core of a failure in the boundary between application logic and filesystem access. There is a tendency to focus on SQL injection, but directory traversal
Mar 30 · 27 min read · Security architecture is not just about selecting the right controls or designing secure systems. It is about proving those controls work, tracking their effectiveness over time, and communicating res
Mar 29 · 5 min read · "If you can't measure it, you can't secure it." In this post, I’m pulling back the curtain on the EduConnect CI/CD pipeline. We aren't just looking at code; we are looking at real-time security telem