If you don't know what it means for your users, how can you expect them to? If you want people to be able to understand your product, make sure they are in control and that they feel safe. You need ...
July 28, 2021
What can we learn from this? The lesson here is that security must be built into the design of APIs and not just bolted on as a secondary feature. The fact that the information was exposed through a ...
July 27, 2021
We are looking for a Senior Software Engineer to join our team in New York City. We have an exciting opportunity that will allow you to work with some of the most talented and dedicated people in the ...
July 27, 2021
I can't help but feel like this is an attempt to make it more hip and cool, which I think is a mistake. It used to be that if you wanted to know what was going on in the world, you would read The ...
July 27, 2021
Broken function-level authorization is when applications fail to limit sensitive functions to the authorized users. Unlike broken object-level authorization, this flaw refers specifically to when unau ...
July 27, 2021
How do we prevent this? Here's how broken function-level authorization is prevented: First, identify all of the functions in your application and classify them into three categories: admin (e.g., ad ...
July 27, 2021
Here's my top 10 list of things that you can do to protect your website from attack: 1. Use HTTPS Everywhere (https://www.eff.org/https-everywhere) 2. Protect Your Cookies (https://blog.imperva.com/20 ...
July 27, 2021
3. Monitor and Log All API Activity: Monitoring is critical to ensuring that APIs are operating properly, but it's also important for security purposes. Monitoring tools should be able to detect susp ...
July 27, 2021