Menu
Who are you? Who? Who? If you’ve ever hummed that song to yourself when coding, then you already know the fundamental use case for the Lightweight Directory Access Protocol (LDAP). LDAP is the protocol that communicates access and authentication data across various technologies. As a vendor-neutral, open protocol, LDAP works with proprietary directory tools, like […]
READ MOREIntroduction HTTP Security Headers are akin to the guardians of web security, playing a pivotal role in safeguarding web applications against a myriad of threats. However, the path to implementing these headers is riddled with potential missteps. A minor misconfiguration can render them ineffective, exposing your application to exploits. This article will unravel developers’ typical […]
Introduction Race conditions linger as elusive threats in the domain of concurrent programming, creating a fertile ground for inconsistencies and unforeseen security vulnerabilities. These subtle programming bugs arise when multiple processes access shared resources simultaneously, leading to unpredictable and undesirable outcomes. This article will journey through the labyrinth of race conditions, exploring their implications on […]
Introduction The world of application development is a balance between providing features and ensuring security. One tool that stands as a bridge between functionality and security is the JSON Web Token (JWT). While powerful and versatile, like all tools, it requires understanding and caution in its implementation. A Primer on JWTs JWT is a concise, […]
You can admit it. You love Docker because it makes building, testing, and shipping software easier for you. The problem is that attackers love Docker, too. Even if you’re already scanning for Docker container vulnerabilities, your code could still create a data security risk. The good news is that OWASP has your back. Recognizing that […]
Every day, another zero-day, previously unknown vulnerability seems to hit the news cycle. As a developer, staying up-to-date with the newest vulnerability is challenging, but they’re only the tip of the vulnerability iceberg. As soon as researchers publish their zero-day vulnerability, the issue transforms into a known vulnerability. Now, security teams and attackers race against […]
On July 27, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) released a joint advisory with the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) and U.S. National Security Agency (NSA). “Preventing Web Application Control Abuse” (the Advisory) provides recommendations for designers and developers to help protect against insecure direct object reference (IDOR) vulnerabilities. If […]
Remote code execution (RCE) has been a part of many cybersecurity news headlines throughout the past few years. When attackers exploit an RCE vulnerability, they can gain complete control over the target machines or systems, almost like an invisible hand puppeteering the technologies. As a developer, you should know how to identify and remediate a […]
I’m sure we’re all familiar with the idea made popular by Malcolm Gladwell’s book Outliers that it takes 10,000 hours to truly master something. Based on the paper “The Role of Deliberate Practice in the Acquisition of Expert Performance“, the research data indicates that people who are experts in a field got to that level […]
© 2023 Qwiet. All rights reserved.
