Menu
Who are you? Who? Who? If you’ve ever hummed that song to yourself when coding, then you already know the fundamental use case for the Lightweight Directory Access Protocol (LDAP). LDAP is the protocol that communicates access and authentication data across various technologies. As a vendor-neutral, open protocol, LDAP works with proprietary directory tools, like […]
READ MOREIntroduction HTTP Security Headers are akin to the guardians of web security, playing a pivotal role in safeguarding web applications against a myriad of threats. However, the path to implementing these headers is riddled with potential missteps. A minor misconfiguration can render them ineffective, exposing your application to exploits. This article will unravel developers’ typical […]
Introduction Race conditions linger as elusive threats in the domain of concurrent programming, creating a fertile ground for inconsistencies and unforeseen security vulnerabilities. These subtle programming bugs arise when multiple processes access shared resources simultaneously, leading to unpredictable and undesirable outcomes. This article will journey through the labyrinth of race conditions, exploring their implications on […]
On March 21, the Biden administration directed US companies to “harden your cyber defenses immediately.” With these new federal guidelines for application security, the White House urged software developers to deploy “modern tools that can detect known and potential vulnerabilities” in their custom and open-source software (OSS). Learn more about how ShiftLeft can help.
On March 21, the Biden administration directed US companies to “harden your cyber defenses immediately.” With these new federal guidelines for application security, the White House urged software developers to deploy “modern tools that can detect known and potential vulnerabilities” in their custom and open-source software (OSS). Learn more about how ShiftLeft can help.
How to integrate security into the SDLC successfully The world has an insecure software problem, which is why 84% of cyber attacks focus on the application layer. Two major factors have contributed to the writing of insecure code — cumbersome security analysis tools and a strong drive to reach the market quickly. For things to […]
We review the different compliance standards that apply to the software development life cycle (SDLC) along with best practices for meeting them. It’s no surprise that developers are being asked to become security people. According to the 2021 Verizon Data Breach Investigation Report, basic web application attacks were the second most-used patterns found for breaches […]
On March 21, the Biden administration directed US companies to “harden your cyber defenses immediately.” With these new federal guidelines for application security, the White House urged software developers to deploy “modern tools that can detect known and potential vulnerabilities” in their custom and open-source software (OSS). Learn more about how ShiftLeft can help.
Improper Restriction of XML External Entity Reference When the Executive Order on Improving the Nation’s Cybersecurity (Executive Order) was released in May 2021, it came with some very short deadlines for agencies. Most of the Executive Order’s timelines were in the 45-, 60-, and 90-day range. With that in mind, taking a look at the […]
What every developer should do before they start writing code I talk a lot about finding and fixing vulnerabilities on my blog. But what can you do to prevent vulnerabilities way before they happen? Today, let’s talk about the first step you can take towards a more secure application. A lot of times we think […]
On March 21, the Biden administration directed US companies to “harden your cyber defenses immediately.” With these new federal guidelines for application security, the White House urged software developers to deploy “modern tools that can detect known and potential vulnerabilities” in their custom and open-source software (OSS). Learn more about how ShiftLeft can help.
How SQL injection and command injection happen in APIs You’ve probably heard of the OWASP top ten or the top ten vulnerabilities that threaten web applications. OWASP also periodically selects a list of top ten vulnerabilities that threaten APIs, called the OWASP API top ten. The current API top ten are Broken Object Level Authorization, […]
© 2023 Qwiet. All rights reserved.
