Application Security | Data Security | OWASP | Vulnerability

Broken Access Control

Welcome to Secumantra! We have already covered the top four vulnerabilities from the OWASP Top Ten 2017 edition – injection, broken authentication, sensitive data exposure and XML external entities. In this post, we’re going to talk about the number five vulnerability – Broken Access Control. Broken Access Control covers all access control issues that can make your website vulnerable….

Application Security | OWASP | Vulnerability

OWASP Top Ten – XML External Entities (XXE)

Welcome to Secumantra! We have already covered the top three vulnerabilities – injection, broken authentication and sensitive data exposure – from the OWASP Top Ten. In this post, we’re going to talk about the number four vulnerability in the OWASP Top Ten 2017 version – XML External Entities (XXE). OWASP (Open Web Application Security Project) is a nonprofit foundation that works to…

Application Security | OWASP | Vulnerability

Broken Authentication & Session Management

Welcome to Secumantra! In this post, we will look at the number two vulnerability in the OWASP Top Ten 2017 version, which covers broken authentication and session management. We already know what OWASP and the OWASP Top Ten are; please read more about them here. In short, OWASP (Open Web Application Security Project) is a nonprofit foundation…

Application Security | OWASP | Vulnerability

What is a SQL Injection Risk?

Welcome to Secumantra! We already learnt what OWASP and the OWASP Top Ten are in our previous post. The OWASP Foundation is one of the most respected authorities in the field of web application security, and it periodically releases the OWASP Top Ten list of the most common security vulnerabilities. Introduction: Injection is the number one vulnerability mentioned in…

Application Security

Cross-Origin Resource Sharing (CORS)

Welcome to Secumantra! In this post we will understand what Cross-Origin Resource Sharing (CORS) is and will try to understand this typical CORS error we face frequently while accessing some URL or when working with APIs. You might have seen this kind of error many times on your browser console – In short, Cross-Origin Resource Sharing…

Application Security

How to Create a Self-Signed SSL Certificate

Welcome to Secumantra! In this post we will learn how to generate a self-signed SSL certificate for your website or web service. What is a Self-Signed SSL Certificate? A self-signed certificate is an SSL certificate that has not been validated by a Certificate Authority (CA). It is created by the developer of the application locally and…