Missing Function Level Access Control What is the vulnerability? Web applications typically only show functionality that a user has the need for and rights to use in the UI on …
December 9, 2015
Cross Site Scripting (XSS) attacks are a type of injection attack. XSS is probably the most common type of malicious attack after code injection. They are certainly the most common …
October 13, 2015
Broken Authentication and Session Management Securely authenticating users, managing their sessions when connected, and ensuring proper logout when the sessions end are essential activities when delivering web applications. As are …
July 17, 2015
Traditional network firewalls placed in front of web servers offer protection by limiting web server access to the HTTP and HTTPS protocol ports – normally ports 80 and 443. This approach prevents …
November 25, 2014
A reverse proxy is a vitally important element within application infrastructures, providing an additional layer of security for server instances by retrieving resources on behalf of users located in untrusted …
June 23, 2014