Best of Vulnerability 2023

  1. Article
    DZone·3y

    Top 10 Secure Coding Practices

    This guide will share the top ten secure coding practices that every developer should know. Security breaches rose 20.5% in 2021 as cybercriminals became more sophisticated during the global pandemic. We'll cover the most common forms of cyber attacks that you need to be aware of as a developer.

  2. Article
    DEV·3y

    Hackers Tools: Must-Have Tools for Every Ethical Hacker

    Ethical hacking is a crucial practice in ensuring the security of computer systems and networks. Having the right tools at your disposal is essential for effective, ethical hacking.

  3. Article
    freeCodeCamp·3y

    OWASP API Security Top 10 – Secure Your APIs

    The OWASP API Security Top 10 is a standard reference guide highlighting the most critical web API vulnerabilities. We just published a course on the freeCodeCamp.org YouTube channel that will teach you about each security risk and techniques to fortify your APIs against potential threats.

  4. Article
    InfoSec Write-ups·3y

    Easy CSRF bypass

    Cross-Site Request Forgery is an attack that forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated. There should be no protection in place to track users’ requests or any kind of protection like asking secret questions for an update.

  5. Article
    Community Picks·3y

    Google Cloud mitigated largest DDoS attack, peaking above 398 million rps

    Google mitigated the largest DDoS attack to date, peaking above 398 million requests per second (rps). The attack used a novel technique called HTTP/2 Rapid Reset based on stream multiplexing. Google coordinated with industry partners to understand the attack mechanics and collaborated on mitigations. The attack vulnerability has been designated as CVE-2023-44487 with a CVSS score of 7.5. Any enterprise or individual serving an HTTP-based workload may be at risk and should apply relevant patches or verify server vulnerability.

  6. Article
    InfoSec Write-ups·3y

    15 Essential Tools for Hackers: Supercharge Your Penetration Testing Toolkit!

    We’ll explore 15 indispensable tools that will enhance your skills as a hacker and provide maximum value for your efforts. These tools are essential for anyone seeking to secure their systems effectively.

  7. Article
    System Weakness·3y

    Ethical Hacking

    Ethical hacking, also known as ‘white hat’ hacking, is the practice of using hacking techniques for the purpose of identifying and resolving security vulnerabilities in computer systems and networks. Ethical hackers play a crucial role in keeping our digital world safe, says Imila Maheshan.

  8. Article
    Community Picks·3y

    The Top 10 Nmap Scripts to Unlock Network Security

    Nmap scripts are a powerful tool in your toolkit. They offer a wide range of functionalities, from network discovery to vulnerability assessment and penetration testing. In this article, we'll dive deep into the top 10 Nmap scripts that every cyber security professional should know.

  9. Article
    Noted·3y

    Docker Vulnerability Scanning 102 - Going Deeper

    Let's dive deeper into Docker vulnerability management and security with part 2 of our series. Use Trivy to find vulnerabilities & IaC misconfigurations, SBOM discovery, Cloud scanning, Kubernetes security risks, and more.

  10. Article
    Pointer·3y

    bloomberg/blazingmq: A modern high-performance open source message queuing system

    BlazingMQ is an open source distributed message queueing framework. It focuses on efficiency, reliability, and a rich feature set for modern-day workflows. BlazingMQ's back-end (message brokers) has been implemented in C++, Java, and Python.

  11. Article
    DZone·3y

    Secure Code Reviews

    Secure code review is essential for ensuring software applications' security and integrity. By examining the codebase for potential vulnerabilities and weaknesses, developers can identify and address security issues. This article will discuss some best practices for conducting a thorough and effective secure code review.