OWASP set to address API security risks
OWASP has started a new project and is set to publish a new guide on security risks. The issue they aim to tackle this time is API security. The new OWASP API Security Project …
OWASP
How to automate a custom password dictionary for your pen test
When doing penetration testing, security professionals regularly have to deal with words that are specific to the task at hand, and many are not found in common wordlists. …
Verify your software for security bugs
Verification is an important phase of developing secure software that is not always addressed in depth that includes dynamic analysis and fuzzing testing. This step allows …
OWASP top 10 web application risks for 2013
Since 2003, application security researchers and experts from all over the world at the Open Web Application Security Project (OWASP) have carefully monitored the state of web …
Application vulnerabilities still a top security concern
Respondents to a new (ISC)2 study identified application vulnerabilities as their top security concern. A significant gap persists between software developers’ …
The importance of secure coding
Jim Manico is the VP of Security Architecture for WhiteHat Security. In this video recorded at Hack In The Box 2013 Amsterdam, Manico illustrates the importance of secure …
Majority of web apps vulnerable to most frequent exploits
84 percent of web applications from public companies were deemed unacceptable when measured against the OWASP Top 10 most frequently exploited web application vulnerabilities, …
Injection attacks tutorial
This episode of the OWASP appsec tutorial series describes the #1 attack on the OWASP top 10 – injection attacks. The video illustrates SQL injection, discusses other …
Breaking web browsers
In the video below, Jeremiah Grossman, the founder and CTO of WhiteHat Security, talks about breaking web security. The video was recorded at the OWASP AppSec USA 2010 conference.
