by Bhaumik Shah | Apr 3, 2018 | InfoSec Strategies
File inclusion vulnerabilities, including Remote File Inclusion (RFI) and Local File Inclusion (LFI) are most commonly found in web applications running PHP scripts, but also frequently occur in JSP, ASP and other code. They allow an attacker to submit input to the...
by Bhaumik Shah | Feb 13, 2018 | InfoSec Strategies
Enabling users to upload images, videos, documents and all manner of files is essential for many web applications, from social networking sites to web forums to intranet collaboration portals to document repositories to blog sites. But allowing users to upload files...
by Bhaumik Shah | Jan 19, 2018 | ISO 27001 Certification
The OWASP Application Security Verification Standard (ASVS) is a list of application security requirements or tests that architects, developers, testers, security professionals, and even consumers can use to define what constitutes a secure application. In this post,...
by Bhaumik Shah | Sep 7, 2017 | InfoSec Strategies
Pivot Point Security will soon be among the first information security firms to begin using the OWASP Application Security Verification Standard (ASVS) across its application security testing practice. As I blogged about back in mid-August, this shift has...
by Bhaumik Shah | Aug 16, 2017 | InfoSec Strategies
As I blogged about back in March, Pivot Point Security will soon be using the OWASP ASVS (Application Security Verification Standard) across its application security testing practice. We are proud to be among the first information security firms to make the shift to...
