Waving the White Flag: Why InfoSec should stop caring about HTTPOnly
As a company that is constantly working with our penetration testing clients on understanding where they should focus their efforts, qualifying risk is second-nature to us. On one hand, we never want to undersell a risk, and have a client accept that risk based on an improperly informed position. On the other hand, I think …
Waving the White Flag: Why InfoSec should stop caring about HTTPOnly Read More »