Hi Jack,
I am a security engineer as well.
I would recommend starting by reading the OWASP Top Ten and figuring out whether your app, service, etc. follows the very basic rules described there.
I see very often that developers don't know/care enough about security and release really insecure pieces of software that could be way more challenging for "BlackHat Hackers", so remove all the "basic" flaws that you can encounter.
And yes!! Those are top!