Key Changes Guide – Willow vs Danzell Understand what’s changing from Willow to Danzell, what could now cause an automatic fail, and what your organisation needs to do before the new question set goes live. Download the guide to learn: When Danzell goes live and how the Willow grace period works for CE Basic and […]
Welcome back to our ten-part blog series on the OWASP Top Ten list of 2021. In this tenth and final instalment, we will describe one of the key threats that organisations face in the digital world in a high-level overview of Server-Side Request Forgery (SSRF). Understanding Server-Side Request Forgery (SSRF) Server-Side Request Forgery is a […]
Welcome back to our ten-part blog series on the OWASP Top Ten list of 2021. In the ninth instalment, we continue to deliver a high-level overview of the key threats that organisations face in the digital world. Today’s focus is on Security Logging and Monitoring Failures. Understanding Security Logging and Monitoring Failures? Previously ranked tenth […]
Welcome back to our ten-part blog series on the OWASP Top Ten list of 2021. In the eighth instalment, we continue to deliver a high-level overview key threats that organisations face in the digital world. Today’s focus is on Software and Data Integrity Failures. Understanding Software and Data Integrity Failures Previously unranked in the OWASP […]
Welcome back to our ten-part blog series on the OWASP Top Ten list of 2021, where we are taking a light look at the common threats in the digital space that organisations face. In today’s seventh instalment, the focus is on Identification and Authentication Failures. Understanding Identification and Authentication Failures This issue previously occupied second […]
Welcome back to our ten-part blog series on the OWASP Top Ten list of 2021, where we are taking a light look at the common threats in the digital space that organisations face. In the sixth instalment of the series, today’s focus is on Vulnerable and Outdated Components. What are Vulnerable and Outdated Components? If […]
Welcome back to our ten-part blog series on the OWASP Top Ten list of 2021, where we are taking a light look at the common threats in the digital space that organisations face. In the fifth instalment of the series, today’s focus is on the often-underestimated area of Security Misconfigurations. What are Security Misconfigurations? Security […]
In the fourth entry of our ten-part blog series on the OWASP Top Ten list, we are taking a brief look at Insecure Design. Insecure Design as a category of vulnerabilities is a new edition to the OWASP Top Ten list when compared to historical versions. The category itself is considered quite broad in terms […]
In the third entry of this ten-part blog series, we will take a brief look at A03:2021: Injection. According to its high placement on the OWASP Top Ten list, web applications are often found to be vulnerable to Injection attacks through multiple vectors. Injection attacks can occur if an application sends untrusted data to an […]
