Ensuring our code is secure is a critical part of protecting our applications and we should strive to build applications that are both secure by design and in practice. Many organizations use different approaches to achieve this. Today we’re going to take a look at...
Today we will look at some of the technical roles that exist within the cybersecurity space. Many newcomers to the field want to dive into the coolest-sounding field straight away, but there are a lot of exciting roles and career opportunities if we just look beyond...
Threat modeling is a process used to identify potential threats and weaknesses in a system. It involves breaking down a system and examining it to better understand what needs protecting, who might attack it, and how it can be protected. So who needs to be involved?...
Code review is an essential part of the web application penetration testing process but is often overlooked. We’re going to look at why it’s important and how to get started. There are a number of reasons why we might decide to review the source code of an application...
Most modern web applications load resources such as fonts and JavaScript from other domains or a CDN. CORS is a security feature that prevents unauthorized access to web resources. However, depending on how it’s implemented CORS can still be attacked. Let’s first take...
