Search results

  • ...and mentoring others in security. His current interests involve tinkering with IoT, home automation, and competing in CTFs. Outside of technology, he enj ...oday, how Mentoring and Passion are what really propel you forward, (along with helping you pay it forward!), and of course, she’ll talk about Security.
    67 KB (10,387 words) - 12:27, 11 June 2019
  • ==What are the best practices I should remember while designing the login pages? == * The best way to manage sessions would be to use one session token with two values during authentication. One value before authentication and one a
    50 KB (8,599 words) - 12:49, 19 July 2018
  • ...application provide access by failing open; deny access, or just error out with a 500 message? ...y the test and analysis cases to verify the application if you're familiar with the business. If you are a third-party tester, then you're going to have to
    17 KB (2,576 words) - 07:29, 5 August 2014
  • ...chives. Backup files can also be generated automatically by the underlying file system the application is hosted on, a feature usually referred to as "snap An important source of vulnerability lies in files which have nothing to do with the application, but are created as a consequence of editing application fi
    18 KB (2,889 words) - 10:04, 5 August 2014
  • ...pam spiders are getting pretty good at grabbing email addresses off of web pages). ...ation vulnerabilities, discusses how to protect against them, and provides links to more information.
    75 KB (11,432 words) - 16:47, 30 April 2007
  • ...ation vulnerabilities, discusses how to protect against them, and provides links to more information. '''A secure coding initiative must deal with all stages of a program’s lifecycle'''. Secure web applications are '''''
    9 KB (1,313 words) - 16:18, 3 July 2013
  • ...u are on the discussion tab). Also, it is typical to sign your discussions with four tildes such as This signs your comment with your username as well as the current time and date. For example, four tilde
    9 KB (1,354 words) - 14:32, 26 May 2009
  • ...u can still use it. Then again, if you went hiking and came across an old, broken-down mine shaft, you could still use that, too." ...able to cross-site scripting in one of its local resources. In combination with a design flaw in this specific local resource it is possible for an attacke
    58 KB (9,039 words) - 09:19, 18 September 2008
  • ...en. The OWASP chapters in [[Sweden]], [[Norway]], and [[Denmark]] together with Stockholm University hosted OWASP AppSec Research 2010. ...demia. All the regular AppSec Europe visitors and topics are welcome along with contributions from universities and research institutes.
    117 KB (17,138 words) - 17:09, 6 August 2017
  • ...cases. All of these properties are configured in the "CSRFGuard.properties" file included in the "/conf" folder of the 2.2 distribution. ...unique request token in all links, iframes, and forms. CSRFGuard 2.2 ships with four possible response handlers: HTMLParserHandler, RegExHandler, JavaScrip
    12 KB (1,709 words) - 01:09, 28 September 2010
  • ...tions. The current version needs some work (an index.html file, fix broken links, etc.) and a new version will be available on 28 July 2008 (note: the new v ...ific lesson solutions in this zip file are the ones not in the Phase 2 zip file listed below.
    2 KB (321 words) - 05:05, 27 October 2008
  • * OCR-FILE: Secure File Access *3rd Element - Detailed Requirement Identifier (minor with up to one sublevel (e.g., .01, .02)
    14 KB (1,867 words) - 11:02, 17 April 2014
  • Browsers and proxies using the HEAD method to check whether the content of a file has changed. Some pages may be designed to receive both GET and POST requests.
    161 KB (22,356 words) - 06:27, 13 July 2015
  • [[File:2010-T10-ArchitectureDiagram.png|700px|Click for a larger version of this i ...ith each threat agent, attack vector, and security weakness and combine it with an estimate of the technical and business impact to your organization. Toge
    7 KB (1,003 words) - 22:49, 26 April 2010
  • ...performance or usability. Security features should be turned on by default with the option to turn them off explicitly. In some cases, the usability or per Similarly, James Landis was kind enough to provide us with a similar body of work he put together in defining requirements for a secur
    62 KB (8,584 words) - 18:10, 29 November 2010
  • [[File:WinterCode.png|500px|right]] The OWASP Winter Code Sprint (OWCS) is a program to involve students with Security projects. By participating in OWCS a student can get real life exp
    49 KB (7,699 words) - 22:15, 11 October 2014
  • ...ng language. It has a set of challenges and steps, each providing the user with one or more web application vulnerability which user tries to solve. There ...osed to define flawed systems, which is not the hardest thing. Familiarity with web application security and SQL is recommended.
    49 KB (7,726 words) - 23:29, 30 April 2013
  • ...ion needs to consider the economical impact of security incidents compared with the costs of unlawful non compliance. Today's costs to the business due to ...and risk governance needs. Besides the usual need to spend for compliance with information security standards, policies and regulations, CISOs might advoc
    90 KB (13,770 words) - 07:02, 7 November 2013
  • Now, in order to create a challenge, one has to validate the solution with regular expressions (or just plaintext comparison) and report success or fa ...st difficult task proposed, if you are considering it, please get in touch with us early on so we can discuss about it and plan it correctly.
    62 KB (9,651 words) - 09:42, 5 March 2014
  • ...c but also controllable and safe environment. After a wonderful 2014 GSoC with 100 new challenges and a couple of new plugins we're mainly looking to get ...ng language. It has a set of challenges and steps, each providing the user with one or more web application vulnerability which user tries to solve. There
    55 KB (8,491 words) - 12:45, 2 March 2015
