Welcome to the second installment of our "Attacks You Should Know About" series! This blog provides valuable insights for both novice and experienced cybersecurity professionals on common attacks and vulnerabilities. Today, we examine cross-origin resource ...
Welcome back to another installment of "Attacks You Should Know About"! If you’ve been following along, you already know that web applications are full of potential vulnerabilities. Today, we’re diving into one of the more ...
When talking about the threat landscape for web applications, you might first think of SQL injections, cross-site scripting, and other well-known attacks. But, there are another vectors that often fly under the radar: HTTP ...
Welcome to the first installment of "Attacks You Should Know About!" In this series of blogs, we will cover a variety of web application attacks that are fundamental for web application penetration testers to ...
Introduction Have you ever wondered how the top Software as a Service (SaaS) platforms keep their data safe? This article will explore the core concepts of securing SaaS applications. It's packed with essential tips and ...
Introduction Is your SaaS platform's security armor full of chinks you've yet to discover? As we explore the essential role of application security in the SaaS sector, this article will cover why regular security audits ...
History: You want to log into your favorite website. After attempting to enter your password, you make a mistake, and you now need to re-enter your password while also clicking on all the squares with ...
SuiteCRM is a popular open-source Client Relations Manager (CRM). I took some time to review the code and basic implementation of the application within a vanilla Ubuntu Debian build. I found good security practices within ...
Type juggling is an expected functionality of PHP when leveraging loose comparisons. However, it can be used to subvert intended operations. In this blog, we will discuss why type juggling occurs, what are the potential ...
