by Bhaumik Shah | Sep 10, 2018 | InfoSec Strategies
A recent security flaw in a financial technology application was discovered by a security researcher. The flaw illustrates a significant benefit of using the OWAS ASVS over the OWASP Top 10 list when verifying an application’s information security. Here’s Why... by Jeremy Sporn | May 29, 2018 | ISMS Consulting
Many teams and organizations rely on the OWASP Top 10 list of the most critical web application security vulnerabilities as a basis for their application security testing, and as high-level guidance for assessing risks and prioritizing remediation of vulnerabilities.... by Bhaumik Shah | Apr 3, 2018 | InfoSec Strategies
File inclusion vulnerabilities, including Remote File Inclusion (RFI) and Local File Inclusion (LFI) are most commonly found in web applications running PHP scripts, but also frequently occur in JSP, ASP and other code. They allow an attacker to submit input to the... by Bhaumik Shah | Mar 27, 2018 | ISMS Consulting
The “OWASP Top 10” list of the most critical web application security risks is widely used as a basis for application security testing and as high-level guidance for assessing risks and prioritizing remediation of vulnerabilities. Recently, for the first time since... by Bhaumik Shah | Feb 13, 2018 | InfoSec Strategies
Enabling users to upload images, videos, documents and all manner of files is essential for many web applications, from social networking sites to web forums to intranet collaboration portals to document repositories to blog sites. But allowing users to upload files...
