by Andrea VanSeveren | Mar 24, 2021 | IoT Security
Reading Time: 3 minutes
The OWASP Foundation is a globally respected source of guidance on web application security. Many cybersecurity practitioners will be familiar with OWASP’s well-known Top 10 and Application Security Verification Standard (ASVS)...
by Andrea VanSeveren | Mar 19, 2021 | IoT Security
Reading Time: 2 minutes
If you’re involved with cybersecurity, you’re probably aware of the OWASP Foundation, a leading authority globally on application security. OWASP is famous for its Top 10 and Application Security Verification Standard (ASVS)...
by Andrea VanSeveren | Mar 17, 2021 | IoT Security
Reading Time: 2 minutes
If you’re charged with testing Internet of Things (IoT) devices or systems, we feel your pain. As the IoT explodes in diversity and complexity, IoT solutions often evolve into multi-component ecosystems with webs of potential...
by Bhaumik Shah | Feb 12, 2019 | InfoSec Strategies
Reading Time: 5 minutes
In recent web application assessments, I’ve found a number of client applications that have cross-origin resource sharing (CORS) vulnerabilities—which I flagged as Critical because they left the application wide open to a range of...
by Bhaumik Shah | Sep 10, 2018 | InfoSec Strategies
Reading Time: 2 minutes
A recent security flaw in a financial technology application was discovered by a security researcher. The flaw illustrates a significant benefit of using the OWAS ASVS over the OWASP Top 10 list when verifying an application’s...
