Open Mobile Menu

Blog

Filed In: Application Security, Security

HTTPS or Be Warned

Adam Caudill

Written By: Adam Caudill

July 24, 2018

Views: 622

Today marks an important event in the security of the web – starting with today’s release of Chrome v68, the most popular browser in use today is warning users when they access a website over an insecure connection. While this is a small change to the user interface, it makes the dangers of insecure connections clear to users, even in cases where the website doesn’t collect information.

Read more.

Filed In: Application Security, Security

Using the Same-origin Policy to Control for Cross-Site Request Forgery

Scott Simmons

Written By: Scott Simmons

July 23, 2018

Views: 697

Cross-Site Request Forgery (CSRF) is a security issue which can allow legitimate users to be tricked into performing actions in your web application on behalf of a malicious attacker. A successful phishing attack or similar scheme could be leveraged to exploit a CSRF vulnerability. It’s a serious issue which can be difficult to detect without manual penetration testing. 

Read more.

Filed In: Security Testing, Security

Hardware Design: Dangers of User Accessible Ports

Brandon Wilson

Written By: Brandon Wilson

July 09, 2018

Views: 634

Generally, it is a mistake for a web application to have an open and publicly accessible administrative interface – particularly one that does not require credentials in order to use. This principle is just as applicable to hardware designs as it is to application designs.

Read more.

Filed In: GDPR and Privacy, Risk and Compliance

GDPR Day 1

Christine Bertacini

Written By: Christine Bertacini

May 25, 2018

Views: 668

GDPR is the General Data Protection Regulation of the European Union. The EU created this data privacy law with the intention of protecting its citizens and lowering business barriers created by the need for privacy regulations over different member’s state lines.

Read more.