Category: App Sec
-
Xtreme Breakdown – Secure Hashing
What is the purpose of hashing, or what is the problem that it's trying to solve? Let's say you are trying to send a file from your device to your friend's device and your friend would like to confirm whether the file you sent is the same file that is downloaded or…
-
Brief Encyclopedia of CVSS
There has been a lot of noise around CVSS since FIRST launched version 4.0, and in this article I would like to discuss what CVSS is and how it evolved. What is CVSS? CVSS stands for Common Vulnerability Scoring System. NIAC unveiled it on 23 February 2005. The purpose of…
-
CVSS Infographic
CVSS is the scoring system managed and launched by the Forum of Incident Response and Security Teams (FIRST) but started by the National Information Assurance Partnership (NIAP). Here is the infographic that explains the journey of CVSS from birth to what it is today. I am going to write a detailed guide on how versions changed…
-
CVE vs CWE – The Layman Guide
When it comes to information security, there are many standards, guides, frameworks and terminologies that you must learn to understand infosec better. In this guide, I will help you understand the difference between two acronyms that we use every day and also help you understand when to use which. What is CVE? CVE stands…
-
What is Runtime Application Self Protection (RASP)
What is RASP? RASP stands for Runtime Application Self Protection. It is a technology that secures applications at runtime. RASP starts whenever an application configured with RASP executes, and it protects the application in real time. RASP intercepts all the calls between the app and the system, validates them, and makes sure they are secure. Whenever…