Tag: OWASP
-
Xtreme Breakdown – Secure Hashing
What is the purpose of hashing, or what is the problem that it’s trying to solve? Let’s say you are trying to send a file from your device to your friend’s device, and your friend would like to confirm whether the file you sent is the same file that is downloaded the same file or…
-
CVSS Infographic
CVSS is the scoring system managed and launched by the Forum of Incident Response and Security Teams (FIRST), but started by the National Information Assurance Partnership (NIAP). Here is the infographic that explains the journey of CVSS from birth to what it is today. I am going to write a detailed guide on how versions changed…
-
What is Runtime Application Self Protection (RASP)
What is RASP? RASP stands for Runtime Application Self Protection. It is a technology that secures applications at runtime. RASP starts whenever any application configured with RASP executes, and it protects the application in real time. RASP intercepts all the calls between the app and the system, validates them, and makes sure they are secure. Whenever…
-
Understanding permissions in Windows
In this article, we are going to discuss permissions in Windows. I am not going to do an in-depth analysis; what I will try to do is give an overview of how Windows handles permissions. This is going to help you in privilege escalation of Windows. This is the list of things that we…
-
X-Frame Options Missing, don’t let your button miss the click
XFO is also known as X-Frame Options. If you are a web developer, aspire to be one, or are a security analyst, then you might be hearing about X-Frame Options. If you don’t know what it is and what its role in security is, then just hold on to the article. In this blog, I will be discussing…
-
Quick checklist while you are developing any application for DevSecOps
DevOps is the thing that every organization has been looking up to for the last half-decade, and almost all tech giants are following it. There are even startups that made millions providing solutions on DevOps. But then what’s next? What’s the next big thing after DevOps? That is where DevSecOps comes in. What is DevSecOps? DevSecOps is nothing…
-
How OWASP Top 10 Will Protect Web Application
When you look at the requirements for any information security analyst, the OWASP Top Ten will be there for sure. Firm knowledge on OWASP Top 10: OWASP stands for Open Web Application Security Project. This is a non-profit organization with the mission to make web securely visible. The web is made to be available, not secure, so…