Open Mobile Menu

Blog

Filed In: Security Testing, Application Security

Securing Third Party JavaScript

Jeremy Mount

Written By: Jeremy Mount

August 20, 2018

Views: 517

Many, if not most web applications use some kind of third party JavaScript. These scripts provide useful functionality and services such as analytics, social media integration, data services, user interface features, chat capabilities and so on, however they also present a substantial risk to the confidentiality and integrity of your application and the data contained within. This is not a new topic in application security, however many companies still fail to consider or fully understand the security implications of adding code from third parties to their applications.

Read more.

Filed In: Security Testing, Security

Hardware Design: Dangers of User Accessible Ports

Brandon Wilson

Written By: Brandon Wilson

July 09, 2018

Views: 517

Generally, it is a mistake for a web application to have an open and publicly accessible administrative interface – particularly one that does not require credentials in order to use. This principle is just as applicable to hardware designs as it is to application designs.

Read more.

Filed In: InfoSec, Security Testing, Security

CSV Formula Injection

Ryan Borden

Written By: Ryan Borden

February 21, 2018

Views: 2100

A few years back I was testing an application which had CSV export functionality and I noticed something weird. When I clicked the export button the application submitted a request with the CSV data in the POST body.

Read more.