#appsec
Posts

Why Current Methods Fail to Measure Real Vulnerability Risks?
SHUBHENDU SHUBHAM
Feb 6
#security #cybersecurity #sast #appsec
2 min read

How Reachability Analysis 🔎 can help with open source vulnerabilities mess (Coana as an example)
Mohamed AboElKheir
Jan 22
#appsec #security #cybersecurity #design
10 min read

Lessons Learned #4: One error message could expose all your data (FileSender CVE-2024-45186)
Mohamed AboElKheir
Jan 20
#appsec #security #cybersecurity #design
5 min read

Lessons Learned #3: Is your random UUID really random? (Account takeover with the sandwich 🥪 attack)
Mohamed AboElKheir
Jan 19
#appsec #security #cybersecurity #design
7 min read

Leveraging Large Language Models for Cross-Component Vulnerability Detection
Jonathan Santilli
Jan 17
#ai #llm #appsec
3 min read

How to pass the OWASP MASVS verification by design
johan sydseter for OWASP® Foundation
Feb 14
#appsec #mobile #cybersecurity #security
4 reactions
6 min read

SQL Injection: the vulnerability that refuses to die
Jonathan Santilli
Jan 7
#appsec #coderemediation #sast #ai
4 min read

Access Control Security: Learning from Major Data Breaches
Jonathan Santilli
Jan 1
#securityengineering #owasp #cybersecurity #appsec
5 min read

My VAPT Learning Journey
Nitin Kumar
Dec 15 '24
#vapt #cybersecurity #appsec #learning
3 min read

Lessons Learned #2: Your new feature could introduce a security vulnerability to your old feature (Clickhouse CVE-2024-22412)
Mohamed AboElKheir
Sep 25 '24
#appsec #security #cybersecurity #design
4 min read

Why Security Misconfigurations Matter and 5 Ways to Prevent Them
Pynt.io
Oct 21 '24
#api #security #pynt #appsec
1 min read

API Security Tools: Threat Protection vs. Testing & 8 Tools to Know
Pynt.io
Oct 13 '24
#api #cybersecurity #apisecurity #appsec
5 reactions
1 min read

API Security: Threats, Tools, and Best Practices
Pynt.io
Oct 13 '24
#appsec #infosec #owasp #api
5 reactions
1 min read

Prevention: It's Time to Save Those Millions
bfuller
Sep 3 '24
#devops #appsec #security #operations
1 reaction
2 min read

Introducing Omni4J: Secure your Java code
aliv
Aug 13 '24
#java #appsec #softwaredevelopment #security
2 min read

DEF CON 32: What We Learned About Secrets Security at AppSec Village
Dwayne McDaniel for GitGuardian
Sep 6 '24
#defcon #appsec #security #cybersecurity
8 reactions
1 comment
9 min read

Lessons Learned #1: One line of code can make your application vulnerable (Pre-Auth RCE in Metabase CVE-2023-38646)
Mohamed AboElKheir
Sep 3 '24
#security #cybersecurity #design #appsec
4 min read

Understanding SAMM
brmartin | Bruno Martins
Jul 12 '24
#owasp #samm #appsec
1 reaction
6 min read

Web Security and Bug Bounty Hunting: Knowledge, Tools, and Certifications
maz4l
Jul 10 '24
#bugbountyhunter #ethicalhacking #webdev #appsec
3 reactions
3 min read

Understanding the Distinction Between Information Security and Cybersecurity
maz4l
Jul 10 '24
#infosec #cybersecurity #webdev #appsec
2 min read

Secure SDLC (Part 1): issues, approach, tech metrics, team’s KPI
Ivan Piskunov
Apr 16 '24
#devsecops #sdlc #appsec #asoc
1 reaction
6 min read

Next.js: consequence of AppRouter on your CSP
0xdbe
Mar 7 '24
#security #appsec #nextjs
3 min read

Creating a DevSecOps pipeline with Jenkins — Part 1
Ata Seren
Mar 17 '24
#jenkins #devsecops #devops #appsec
1 reaction
12 min read

Mastering Application Security: The Power of Rate Limiting
Benson Macharia
Mar 15 '24
#appsec #laravel #api #owasp
7 reactions
6 min read

Next.js: Crafting a Strict CSP
0xdbe
Mar 7 '24
#security #appsec #nextjs
1 reaction
1 comment
4 min read