3 posts with the tag OWASP

Our team researches and documents bleeding-edge security concepts and hacking techniques. This blog explores these topics and more to keep you informed.

Securing SuiteCRM on Apache

By Anthony Ralston | September 02, 2020 | Blog

SuiteCRM is a popular open-source Client Relations Manager (CRM). I took some time to review the code and basic implementation of the application within a vanilla Ubuntu Debian build. I found good security practices within the application itself,

Read More »

PHP Type Juggling

By Anthony Ralston | August 12, 2020 | Blog

Type juggling is an expected functionality of PHP when leveraging loose comparisons. However, it can be used to subvert intended operations. In this blog we will discuss why type juggling occurs, what are the potential impacts, and why we should

Read More »

Defining the Secure Software Development Lifecycle (SSDLC)

By Cornel du Preez | June 30, 2020 | Blog

Here at Abricto Security, we believe that application penetration tests only reveal the tip of the iceberg. Specifically, if we conduct an application penetration test and we find that it’s riddled with vulnerabilities, the remediation effort

Read More »