App Security Mantra - No silver bullet for cyber security!

Hashing, Encryption, Encoding, and Obfuscation: Understanding the Differences

BySecumantra April 5, 2023September 22, 2024

In the realm of cybersecurity and data protection, four terms often surface: hashing, encryption, encoding, and obfuscation. While they may seem interchangeable at first glance, each serves a distinct purpose and offers unique advantages and limitations. There is often significant confusion around the differences between encryption, encoding, hashing, and obfuscation. Understanding the differences between these…

Understanding the CIA Triad: The Foundation of Information Security

BySecumantra March 5, 2023February 7, 2024

In the ever-evolving landscape of cybersecurity, it’s crucial to have a solid foundation to build upon. One such foundational concept is the CIA Triad, which stands for Confidentiality, Integrity, and Availability. This framework serves as a cornerstone for designing, implementing, and managing information security within organizations. In this blog post, we’ll delve into the CIA…

Application Security

Securing a web API with Basic Authentication

BySecumantra February 5, 2023February 6, 2024

In today’s interconnected digital world, securing web APIs is most important. Whether you’re building a small-scale application or a large enterprise system, protecting your API endpoints is crucial for safeguarding sensitive data and maintaining the integrity of your services. One of the simplest yet effective methods for securing a web API is through Basic Authentication….

Application Security

App Roles With Azure Active Directory for Blazor App

BySecumantra January 7, 2023February 9, 2024

In this article, we are going to learn how to use App Roles from Azure Active Directory to provide a greater level of security for our apps. Azure Active Directory (AAD) is a popular cloud-based identity and access management solution that allows organizations to manage and secure user authentication and authorization for their applications and…

Application Security | Data Security | OWASP | Vulnerability

OWASP Top Ten: Cross-Site Scripting (XSS)

BySecumantra September 5, 2020October 7, 2021

Welcome to Secumantra! In this post, we’re going to talk about the number seven vulnerability from OWASP Top Ten which is Cross-Site Scripting (XSS). Cross-site scripting is one of the most common security vulnerability in web applications today. These vulnerabilities can have consequences such as tampering and sensitive data theft. OWASP (Open Web Application Security…

Application Security | Data Security | OWASP | Vulnerability

OWASP Top Ten: Insecure Deserialization

BySecumantra August 30, 2020November 27, 2020

Welcome to Secumantra! In this post, we’re going to talk about the number eight vulnerability from OWASP Top Ten – Insecure Deserialization. OWASP (Open Web Application Security Project) is a nonprofit foundation that works to improve the security of software. OWASP Foundation is globally recognized by developers as the first step towards more secure coding. It…

Application Security | Data Security | OWASP | Vulnerability

Insufficient Logging And Monitoring

BySecumantra August 25, 2020November 27, 2020

Welcome to Secumantra! In this post, we’re going to talk about the number ten vulnerability from OWASP Top Ten – Insufficient Logging And Monitoring. OWASP (Open Web Application Security Project) is a nonprofit foundation that works to improve the security of software. OWASP Foundation is globally recognized by developers as the first step towards more secure…

Application Security | OWASP | Vulnerability

OWASP Top 10 – Using Components With Known Vulnerabilities

BySecumantra August 20, 2020November 27, 2020

Welcome to Secumantra! In this post, we’re going to talk about the number nine vulnerability from OWASP Top Ten – Using Components With Known Vulnerabilities. OWASP (Open Web Application Security Project) is a nonprofit foundation that works to improve the security of software. OWASP Foundation is globally recognized by developers as the first step towards more…

Application Security | Data Security | OWASP | Vulnerability

OWASP Top 10: Security Misconfiguration

BySecumantra August 15, 2020November 24, 2020

Welcome to Secumantra! In this post, we’re going to talk about the number six vulnerability from OWASP Top Ten – Security Misconfiguration. We have already covered top five vulnerabilities in our previous posts – injection, broken authentication , sensitive data exposure, XML external entities and broken access control. OWASP (Open Web Application Security Project) is a nonprofit…

Application Security | Cyber Security | Data Security

Top 10 Tips for Smartphone Data Security

BySecumantra August 10, 2020December 18, 2020

Welcome to Secumantra! In this post we will discuss about a topic which is important for not only application developers but also to normal users of mobile devices. Mobile devices and smartphones have become so common in today’s world. In addition these devices are connected to internet and information is being exchanged continuously. This not…