• Tags
access
administrators
analysis
and
API
Application
architects
architecture
(ASM)
assessment
(AST)
Attack
attacks
auditing
automation
awareness
beginners
best
box
Browser
career
center
Cloud
Code
coding
compliance
composition
Container
Cross-site
culture
cycle
(DAST)
Data
Database
Denial-of-service
developers
development
DevSecOps_longer
(DLP)
(DoS)
Dynamic
education
Embedded
Encryption
engineering
engineers
Enterprise
escalation
event
everyone
executives
exploit
Extensible
firewall
for
Fuzz
governance
Grey
(IAM)
Identity
In-memory
incident
information
InfoSec
injection
Input
Integration
intelligence
interface
IT
language
life
loss
Malware
management
managers
markup
metrics
Mobile
modeling
monitoring
Network
Object-oriented
(OOP)
Open
Operating
operations
(OWASP)
Password
Phishing
Physical
policy
practices
prevention
Privilege
professionals
programming
project
protection
Ransomware
(RASP)
response
review
Risk
Runtime
(SAST)
(SCA)
scripting
(SDLC)
Secure
security
security_longer
self-protection
Side-channel
(SIEM)
(SOC)
software
Static
surface
system
systems
testers
testing
Threat
training
trust
validation
vulnerability
(WAF)
(WAST)
weaknesses
web
Wireless
(XML)
(XSS)
Zero
Zero-day

Wireless Security Architecture

Wireless networks are becoming increasingly ubiquitous, as more and more devices are connecting to the internet wirelessly. This trend is being driven by the growing popularity of mobile devices, such as smartphones and tablets. As wireless networks become more popular, they also become more attractive targets for attackers. This is because wireless networks are often easier to attack than wired networks. There are a number of security risks associated with wireless networks.

December 26, 2021 Read

Code Review: A Peer's Eye View

Code review is a process where one or more developers inspect another developer’s code to find potential errors, security vulnerabilities, and other defects. It is an important part of any software development process, as it can help to improve the quality of the code and prevent defects from reaching production. There are two main types of code reviews: formal and informal. Formal code reviews are typically conducted by a team of developers, while informal code reviews can be conducted by a single developer or a small group of developers.

November 3, 2021 Read

Application Security Weaknesses

Application security weaknesses are vulnerabilities in applications that can be exploited by attackers to gain unauthorized access to systems or data. There are a number of different types of application security weaknesses, including: Injection flaws: Injection flaws occur when unvalidated or malicious data is injected into an application. This can lead to attackers executing arbitrary code on the system or gaining unauthorized access to data. Broken authentication and session management: Broken authentication and session management weaknesses occur when applications do not properly authenticate users or manage sessions.

October 27, 2021 Read

Integration Testing: The Next Step in Software Testing

Integration testing is a type of software testing that is conducted to verify the interfaces and interactions between software modules. It is the next step in software testing, after unit testing. The goal of integration testing is to ensure that the different modules of a software system work together correctly. This is done by testing the interfaces between the modules, as well as the interactions between the modules. Integration testing can be conducted using a variety of methods, including:

October 6, 2021 Read

Data Loss Prevention (DLP): Protecting Your Data

Data loss prevention (DLP) is a set of processes, procedures, and technologies designed to prevent the unauthorized access, use, disclosure, disruption, modification, or destruction of data. DLP is an important part of any comprehensive security program. There are a number of different DLP techniques, including: Data classification: Data is classified according to its sensitivity. This helps to identify which data needs to be protected. Data discovery: Data is discovered and inventoryed.

September 20, 2021 Read

Security Training

What is security training? Security training is the process of educating employees about security risks and how to protect themselves and the organization from those risks. It is an important part of any organization’s security program, as it can help to reduce the risk of security incidents. Why is security training important? Security training is important because it helps to ensure that employees are aware of the security risks that they face and how to protect themselves from those risks.

September 2, 2021 Read

Object-oriented programming (OOP) injection: A threat to your code

In object-oriented programming (OOP), classes are used to represent real-world objects. Classes have attributes, which represent the properties of an object, and methods, which represent the actions that an object can perform. OOP injection is a type of code injection attack that takes advantage of the way that classes are defined in OOP languages. In an OOP injection attack, an attacker injects malicious code into a class definition. This malicious code can then be executed when the class is instantiated.

August 31, 2021 Read

Security Operations Center (SOC)

A Security Operations Center (SOC) is a team of security professionals who are responsible for monitoring, detecting, and responding to security incidents. SOCs are typically staffed 24/7 to ensure that they can respond to incidents quickly and effectively. SOCs use a variety of tools and technologies to monitor for security incidents. These tools can include: Security information and event management (SIEM) systems: SIEM systems collect and analyze security logs from across an organization’s network.

August 17, 2021 Read

Operating System Security

Operating systems (OS) are the foundation of all computing devices. They provide the basic services that allow us to run applications, access files, and connect to networks. As such, OS security is critical to the overall security of our devices and data. There are a number of threats to OS security, including: Malware: Malware, such as viruses, worms, and Trojan horses, can be used to steal data, damage systems, or disrupt operations.

August 15, 2021 Read

Software Development Life Cycle (SDLC) Security

What is SDLC security? SDLC security is the process of integrating security into the software development life cycle (SDLC). It is a critical component of any organization’s security program, as it can help to reduce the risk of security vulnerabilities being introduced into software. Why is SDLC security important? SDLC security is important because it helps to ensure that security is considered throughout the software development process. This can help to reduce the risk of security vulnerabilities being introduced into software, which can lead to data breaches, system outages, and other security incidents.

August 13, 2021 Read

API Security: Protecting Your Data

Application programming interfaces (APIs) are everywhere. They’re used to power everything from mobile apps to cloud-based services. And as APIs become more and more ubiquitous, so too does the risk of API security breaches. In fact, a recent study by the Ponemon Institute found that the average cost of a data breach involving APIs is now over $4 million. That’s a significant increase from just a few years ago, and it’s a trend that’s only going to continue in the future.

August 13, 2021 Read

Cloud Application Security

Cloud applications are becoming increasingly popular, as they offer a number of benefits, such as scalability, flexibility, and cost-effectiveness. However, cloud applications also introduce new security challenges. There are a number of different threats to cloud application security, including: Data breaches: Data breaches are a major concern for cloud applications. This is because cloud applications often store sensitive data, such as financial information and personal information. Malware attacks: Malware attacks are another major concern for cloud applications.

June 13, 2021 Read

• ««
• «
• 2
• 3
• 4
• 5
• 6
• »
• »»