Month: January 2019

Three C-Words of Web App Security: Part 3 – Clickjacking

This is the third and final part in this three-part series, Three C-Words of Web Application Security. I wrote a sort of prologue back in April, called A Brief Evolution of Web Apps, just to set the scene for those less versed in web application history. The first part, which was on CORS (Cross-Origin Resource …


Fuzz Testing

If you have a brand new piece of software, a program, a network, or an operating system, you will want to test it for any bugs, coding errors or other potential issues before it goes live. Fuzzing is a great way to do so. It’s also a good method to perform quality checks of your …


What is Physical Security?

What’s Physical Security? Ok, I’m just going to say it, I’m a physical security guy in an IT security world. So why physical security for IT? Easy, you cannot have a secure network without a secure environment around it. After all, Physical Security is part of the CISSP, isn’t it? I have conducted many …


Stored XSS; What Is It

In the cyber security world, there are a number of vulnerabilities to be aware of. Today we’re going to look at a specific one: Stored Cross-Site Scripting (XSS). Let’s start off by answering: what is cross-site scripting? An XSS attack is a type of injection that sends data through trusted sources, like web requests. This …

