Blogs & Articles
Cybersecurity News, Latest Vulnerabilities, Hacking Tutorials
BOLA: Broken Object Level Authorization
Broken Object Level Authorization is a vulnerability that impacts API security. It occurs when an application fails to enforce access controls.
Exploiting Mass Assignment Vulnerabilities
Mass assignment is a commonly used feature in web applications. However, misconfigurations can make web applications vulnerable to attackers. Learn more.
What is an Internal Penetration Test?
An internal penetration test is a simulated attack on a network or system conducted from within an organization's internal network. The objective of an internal penetration test is to identify vulnerabilities and weaknesses in the network or system that...
What is Cross-Site Scripting (XSS)?
Cross-Site Scripting (XSS) is a type of security vulnerability in web applications that enables an attacker to insert malicious code into a web page that can be viewed by other users (typically in the form of scripts). When a web application fails to properly...
How Often Do You Need a Penetration Test?
Annual penetration tests are the norm in many industries. But that doesn’t mean an annual schedule is right for your business. Learn how to determine the right frequency.
Manual vs Automated Code Review
This article explores the differences between automatic and manual code review and some of the pros and cons surrounding both approaches.
Which Role is Right For You?
This article reviews some of the technical roles that exist within the cybersecurity space to help you determine what career track is right for you.
Kali Purple – Thoughts from a Penetration Tester
Kali Linux is a popular penetration testing and ethical hacking distribution built from the Linux Operating System. Learn about the latest Kali Purple version.
What is Threat Modeling and Why You Should Use it
Threat modeling is a process used to identify potential threats and weaknesses in a system. Learn more about how to use it to protect your business.
How to Get Started with Code Review
Code review is an essential part of the web application penetration testing process but is often overlooked. We’re going to look at why it’s important and how to get started. There are a number of reasons why we might decide to review the source code of an application...