ISSUE 39 (September 2013)
Web app security
Issue 39 Contributors
Roy Adar
VP of Product Management at Cyber-Ark
Alexander Bolshev
Senior Penetration Tester at ERPScan
Dmitry Chastukhin
Director of Pentesting at ERPScan
Joshua Dionne
IT security enthusiast
Troy Gill
Senior Security Analyst at AppRiver
Brian Honan
Owner of BH Consulting, Founder of Ireland’s national CERT
Michael S. Oberlaender
Security executive
Josh Pauli
Associate Professor of Information Security at Dakota State University
Kai Roer
Senior Partner at The Roer Group
Didier Stevens
IT Security Consultant, Founder of Didier Stevens Labs

Web app security

PDF download
Read issue 39 now

Table of contents

  • Dear CSO, do you know how to build security culture?
  • How to secure a company’s Chinese development center?
  • Stephen Pao, GM, Security Business at Barracuda Networks, on web application security
  • The state of web application security in numbers
  • Web application exploitation with broken authentication and path traversal
  • Joel Smith, AppRiver CTO, on web threats
  • With big data comes big responsibility: The (in)security of OLAP systems
  • There are no winners in the blame game
  • Digital graphology: It’s all in the signature
  • Security from within: Proactive steps towards protecting corporate assets from attack
  • The five biggest reasons your IT staff is losing sleep
  • How to manage your passwords with KeePass

(IN)SECURE Magazine archive

ISSUE 69(July, 2021)

  • Why threat hunting is obsolete without context
  • Defending against Windows RDP attacks
  • Navigating the waters of maritime cybersecurity
go to issue

ISSUE 68(March, 2021)

  • Physical cyber threats: What do criminals leave when they break in?
  • Review: Group-IB Fraud Hunting Platform
  • Tips for boosting the “Sec” part of DevSecOps
go to issue

ISSUE 67(November, 2020)

  • Hardware security: Emerging attacks and protection mechanisms
  • Justifying your 2021 cybersecurity budget
  • Cooking up secure code: A foolproof recipe for open source
  • Mapping the motives of insider threats
go to issue