As a secure coder, you need both the right mindset and the right skills!
The Open Web Application Security Project is the ultimate source of information when it comes to Web application security. There is more than just the Top Ten, though; its projects cover best practices, tools, and more. Read our articles below on selected topics from OWASP — and beyond.
Zoom in on others’ mistakes – Vol.3: Information leakage and Zoombombing
June 25, 2020, 11:56 am
Developers
Leaders
Case study
Information leakage is the most trivial mistake to make, but also the most trivial to exploit. Let's see some examples of it in Zoom.
Zoom in on others’ mistakes – Vol.2: Cryptography
June 5, 2020, 11:32 am
Developers
Cryptography
Case study
Continuing our analysis of Zoom vulnerabilities, this time we will take a look at cryptographic weaknesses.
Cross site scripting: an old-new threat
April 24, 2020, 3:22 am
Developers
Testers
Web
With everything on the Web driven by JavaScript, understanding cross-site scripting (XSS) vulnerabilities is critical.
Zoom in on others’ mistakes – Vol.1: Injection
April 11, 2020, 5:13 pm
Developers
Leaders
Case study
In this first article we'll analyze the injection vulnerabilities that have put Zoom in the software security crossfire.
Cross-Site Request Forgery (CSRF), past and future
March 22, 2020, 11:29 am
Developers
Testers
Web
Cross-Site Request Forgery (CSRF): an old vulnerability that disappeared from the OWASP Top 10 in 2017. But is it gone?
The OWASP Top Ten – what it is and isn’t
March 18, 2020, 11:40 am
Developers
Web
What is the OWASP Top Ten, and - just as important - what is it NOT? Let's explore how you can make it work for you.