In this article, we are going to learn how to use App Roles from Azure Active Directory to provide a greater level of security for our apps. Azure Active Directory (AAD) is a popular cloud-based identity and access management solution that allows organizations to manage and secure user authentication and authorization for their applications and…
Welcome to Secumantra! In this post, we’re going to talk about the number seven vulnerability from OWASP Top Ten which is Cross-Site Scripting (XSS). Cross-site scripting is one of the most common security vulnerability in web applications today. These vulnerabilities can have consequences such as tampering and sensitive data theft. OWASP (Open Web Application Security…
Welcome to Secumantra! In this post, we’re going to talk about the number eight vulnerability from OWASP Top Ten – Insecure Deserialization. OWASP (Open Web Application Security Project) is a nonprofit foundation that works to improve the security of software. OWASP Foundation is globally recognized by developers as the first step towards more secure coding. It…
Welcome to Secumantra! In this post, we’re going to talk about the number ten vulnerability from OWASP Top Ten – Insufficient Logging And Monitoring. OWASP (Open Web Application Security Project) is a nonprofit foundation that works to improve the security of software. OWASP Foundation is globally recognized by developers as the first step towards more secure…
Welcome to Secumantra! In this post, we’re going to talk about the number nine vulnerability from OWASP Top Ten – Using Components With Known Vulnerabilities. OWASP (Open Web Application Security Project) is a nonprofit foundation that works to improve the security of software. OWASP Foundation is globally recognized by developers as the first step towards more…
Welcome to Secumantra! In this post, we’re going to talk about the number six vulnerability from OWASP Top Ten – Security Misconfiguration. We have already covered top five vulnerabilities in our previous posts – injection, broken authentication , sensitive data exposure, XML external entities and broken access control. OWASP (Open Web Application Security Project) is a nonprofit…
Welcome to Secumantra! In this post we will discuss about a topic which is important for not only application developers but also to normal users of mobile devices. Mobile devices and smartphones have become so common in today’s world. In addition these devices are connected to internet and information is being exchanged continuously. This not…
Welcome to Secumantra! We have already covered top four vulnerabilities from OWASP Top Ten 2017 edition – injection, broken authentication , sensitive data exposure and XML external entities. In this post, we’re going to talk about the number five vulnerability – Broken Access Control. Broken Access Control covers all access control issues that can make your website vulnerable….
Welcome to Secumantra! We have already covered top three vulnerabilities – injection, broken authentication and sensitive data exposure from OWASP Top Ten. In this post, we’re going to talk about the number four vulnerability in the OWASP Top Ten 2017 version – XML External Entities (XXE). OWASP (Open Web Application Security Project) is a nonprofit foundation that works to…
Welcome to Secumantra! We are on a mission to understand OWASP Top Ten in detail and have already covered top two vulnerabilities – injection and broken authentication. In this post, we’re going to talk about the number three vulnerability in the OWASP Top Ten 2017 version which is sensitive data exposure. OWASP (Open Web Application Security…
