Broken Access Control Vulnerabilities Explained
With most of the vulnerabilities we have explored so far, we have taken the time to learn about the feature being exploited. This article will be no different as we take a look at
Understanding XML External Entity (XXE) Injection
To understand XML external entity injection, also known as XXE, we first need to understand exactly what XML data is. What is XML data? XML is a software and hardware-independent t
The risks of sensitive data exposure
What is sensitive data exposure? Sensitive data exposure is a type of cybersecurity vulnerability that affects many web applications. It occurs when a company inadvertently expos
Obscurity for Security: Is it really bad practice?
Obscurity for security is the art of storing important information in such a way that only you would know where or how to find it. It’s like hiding money under a tree in the wo
SQL injection in a nutshell (a beginners guide)
Many aspects of software development and penetration testing can be complex to understand for business owners. This is why we are embarking on a journey to create a series of artic
The Risks Of Broken Authentication (and how to identify vulnerabilities)
As a business owner, we understand that it is not easy for you to get your head around many aspects of software development and penetration testing. There is a dictionary full of t
Password autofill: Is it safe?
Password autofill is a service that you have probably been using for years without thinking much about it. Nothing is more convenient than visiting a website and the browser automa
What is Red Teaming?
Cyber threats continue to evolve at an unprecedented rate, placing cyber security at the top of the agenda when businesses consider risk mitigation. Red teaming is an effective app
Cybersecurity when working from home
More people are working remotely to keep the economy going during the COVID-19 crisis, which has seen work from home become the new norm. Remote working, whether temporary or full
A beginners guide to biometric security
Applications and computer networks continue to infiltrate our business and personal lives, giving rise to a need for more efficient access and authentication models. Traditionally,