Welcome to Secumantra! In this post, we’re going to talk about the number seven vulnerability from OWASP Top Ten which is Cross-Site Scripting (XSS). Cross-site scripting is one of the most common security vulnerability in web applications today. These vulnerabilities can have consequences such as tampering and sensitive data theft. OWASP (Open Web Application Security…
Welcome to Secumantra! In this post, we’re going to talk about the number eight vulnerability from OWASP Top Ten – Insecure Deserialization. OWASP (Open Web Application Security Project) is a nonprofit foundation that works to improve the security of software. OWASP Foundation is globally recognized by developers as the first step towards more secure coding. It…
Welcome to Secumantra! In this post, we’re going to talk about the number ten vulnerability from OWASP Top Ten – Insufficient Logging And Monitoring. OWASP (Open Web Application Security Project) is a nonprofit foundation that works to improve the security of software. OWASP Foundation is globally recognized by developers as the first step towards more secure…
Welcome to Secumantra! In this post, we’re going to talk about the number nine vulnerability from OWASP Top Ten – Using Components With Known Vulnerabilities. OWASP (Open Web Application Security Project) is a nonprofit foundation that works to improve the security of software. OWASP Foundation is globally recognized by developers as the first step towards more…
Welcome to Secumantra! We are on a mission to understand OWASP Top Ten in detail and have already covered top two vulnerabilities – injection and broken authentication. In this post, we’re going to talk about the number three vulnerability in the OWASP Top Ten 2017 version which is sensitive data exposure. OWASP (Open Web Application Security…
Welcome to Secumantra! In this post, we will understand the number two vulnerability in the OWASP Top Ten 2017 version which talks about broken authentication and session management. We already know what is OWASP and OWASP Top Ten, please read more about it here. In short, OWASP (Open Web Application Security Project) is a nonprofit foundation…
Welcome to Secumantra! We already learnt what is OWASP and OWASP Top Ten in our previous post. OWASP Foundation is one of the most respected authorities in the field of web application security and it releases OWASP Top Ten List periodically sharing most common security vulnerabilities. Introduction Injection is the number one vulnerability mentioned in…
Welcome to Secumantra! We already learnt what is OWASP and OWASP Top Ten in our previous post. Before we look each one of these items in detail, we must build our vocabulary to have basic understanding of some of the commonly used security terms. To start with, we will focus on top ten such terms…
