Understanding How External Entities Attack XML Files: Extensible Markup Language (XML) files are plain-text files that describe data behavior as that data relates to a [...]
The number and sophistication of cyberattacks are increasing year after year. Now is the time, more than ever, to start implementing security testing within your [...]
Not Just a Trend: The efficiency of DevOps has proven the staying power of integrating development and deployment departments. It’s now more than just a [...]
Security vulnerabilities are everywhere. If nothing else, the recent hack of Equifax that compromised approximately 143 million American credit records is a signal that even [...]
Security misconfigurations are “holes” or weaknesses within your computer applications that leave your system vulnerable to attack. These misconfigurations allow easy exploitation from threat agents [...]
How to Resolve and Prevent XSS: Cross-site scripting (XSS) occurs when an attacker injects malicious script, like JavaScript, into your web browser, which compromises an [...]
OWASP Top 10 2017 – A2 Broken Authentication: Authentication and session management includes verifying user credentials and managing their active sessions. Broken authentication and session [...]
Pentesting is also called penetration testing or ethical hacking. A penetration test is designed to answer the question: “How effective is my current security against [...]
Kiuwan’s latest release now includes coverage for Python. Python was conceived in the late 1980s, and its implementation began in December 1989 by Guido van [...]
DIY: Generate OWASP Benchmark Results for Kiuwan Code Security: The OWASP Benchmark for Security Automation (OWASP Benchmark) is a free and open test suite designed to evaluate the [...]