Welcome to Secumantra! In this post, we’re going to talk about the number seven vulnerability from OWASP Top Ten which is Cross-Site Scripting (XSS). Cross-site scripting is one of the most common security vulnerability in web applications today. These vulnerabilities can have consequences such as tampering and sensitive data theft. OWASP (Open Web Application Security…
Welcome to Secumantra! In this post, we’re going to talk about the number eight vulnerability from OWASP Top Ten – Insecure Deserialization. OWASP (Open Web Application Security Project) is a nonprofit foundation that works to improve the security of software. OWASP Foundation is globally recognized by developers as the first step towards more secure coding. It…
Welcome to Secumantra! In this post, we’re going to talk about the number ten vulnerability from OWASP Top Ten – Insufficient Logging And Monitoring. OWASP (Open Web Application Security Project) is a nonprofit foundation that works to improve the security of software. OWASP Foundation is globally recognized by developers as the first step towards more secure…
Welcome to Secumantra! In this post, we’re going to talk about the number six vulnerability from OWASP Top Ten – Security Misconfiguration. We have already covered top five vulnerabilities in our previous posts – injection, broken authentication , sensitive data exposure, XML external entities and broken access control. OWASP (Open Web Application Security Project) is a nonprofit…
Welcome to Secumantra! In this post we will discuss about a topic which is important for not only application developers but also to normal users of mobile devices. Mobile devices and smartphones have become so common in today’s world. In addition these devices are connected to internet and information is being exchanged continuously. This not…
Welcome to Secumantra! We have already covered top four vulnerabilities from OWASP Top Ten 2017 edition – injection, broken authentication , sensitive data exposure and XML external entities. In this post, we’re going to talk about the number five vulnerability – Broken Access Control. Broken Access Control covers all access control issues that can make your website vulnerable….
Welcome to Secumantra! In this post, we will understand some important security tips to protect ourselves and our families from being a victim of a potential online fraud. Security awareness has become very important in modern world when most of us are connected to internet and are working from home due to current pandemic situation….
OAuth 2.0 is very popular today and there is also a lot of confusion about OAuth 2.0 vs OpenID Connect. In this post we will understand what problem OAuth 2.0 solves and how it is different from OpenID Connect. Lets start with revisiting some basic concepts and then develop our understanding about OAuth by trying…
We have talked about the HTTPS and why it is needed in previous post. Website owners are responsible to secure the communication channel while connecting to their clients. Though HTTPS and SSL certificates offer data protection and integrity, many sites are still reluctant to adopt it. There are many misconceptions about cost, performance etc. which…
