Articles by Tag #applicationsecurity


Polyfill supply chain attack embeds malware in JavaScript CDN assets

On June 25, 2024, the Sansec security research and malware team announced that a popular JavaScript polyfill project had been taken over by a foreign actor identified as a Chinese-originated company.

Jun 27 '24

How to secure Python Flask applications

In this article, you'll learn about some best practices related to securing Python applications built with the Flask web application framework. You'll start by looking at some insecure configuration examples and then learn how to mitigate and fix any issues.

May 22 '24

OWASP® Cornucopia 2.0

I started out as a web designer 16 years ago and my first website got brutally hacked, not...

Jun 10 '24

Essential Node.js backend examples for developers in 2024

Boost your Node.js skills with these backend code snippets for 2024. Copy and paste them into your own projects to save time when building backends.

Jun 13 '24

Fastify plugins as building blocks for a backend Node.js API

This blog post will focus on the foundational building blocks of building backend Node.js APIs using Fastify and its recommended plugins in 2024.

May 29 '24

Symmetric vs. asymmetric encryption: Practical Python examples

In this guide, we’ll discuss symmetric and asymmetric encryption, implement them in Python, and explore their best practices.

May 16 '24

Uncovering SAST, DAST, OWASP Dependency-Check in DevSecOps family (Part-2)

In the first part I uncovered the fundamentals of DevSecOps principles and demonstrated with a...

Oct 17 '24

Breaking caches and bypassing Istio RBAC with HTTP response header injection

This post outlines what we believe to be novel attacks against HTTP application middleware based on the simple foundation of HTTP response header injection.

Jun 21 '24

How to secure a REST API?

In this post, we'll discuss what REST APIs are and how to secure them.

Jun 28 '24

A denial of service Regex breaks FastAPI security

In this blog post, we are going to delve deep into the world of application security, specifically focusing on a vulnerability that can deteriorate FastAPI security: Denial of service (DoS) caused by insecure regular expressions (regex).

Aug 1 '24

What is Application Security?

With our increasing reliance on digital tools, safeguarding sensitive information within applications...

Oct 17 '24

Application Security: Protecting Your Software

Application security is crucial in the digital age, involving processes, tools, and practices to...

Nov 20 '24

The Importance of Web Application Firewall defending against Cyber Threats.

In today's world of growing technological advancement, web applications are necessary for data...

Oct 23 '24

The strategic value of a Security Champions Program.

Implementing a Security Champions Program at your organization offers a strategic advantage in...

Jul 6 '24

Integrating Governance, Processes, People, and Technology with Cloud-Native Application Protection Platforms (CNAPP)

Executive Summary As organizations continue to migrate their workloads to the cloud with multi-cloud...

Jul 22 '24

Create your own card game with OWASP® Cornucopia

As you might know, we recently released OWASP® Cornucopia 2.0 with two new editions, but did...

Jun 17 '24

Application Security vs. Software Security: Difference to Know

What is Application Security? The term application security refers to all the practices...

Sep 27 '24

The Power Duo of Cybersecurity | Network Security and Application Security

In a world with frequent technological changes, maintaining the trustworthiness and protection of...

Jul 24 '24

Integrating the Snyk Language Server with IntelliJ IDEs

We’re excited to announce that the Snyk Language Server (LS for short) can now be integrated with your existing IntelliJ IDEs.

Jun 18 '24

CyberSecurity with ZAP Checkmarx

🔒 Boost Your Application Security with ZAP Checkmarx Ensure robust protection for your applications...

Jan 2

Understanding Application Security: Best Practices, Common Threats, and Essential Tools

In today's digital world, securing applications is more important than ever. With cyber threats on...

Apr 23

The State of Software Supply Chain Security in 2025

Discover the latest trends in software supply chain security with Xygeni's 2025 report. This in-depth...

Jan 31

The persistent threat: Why major vulnerabilities like Log4Shell and Spring4Shell remain significant

Read on to learn about the danger of the continued use of vulnerable Log4j and Spring Framework versions in many projects.

Aug 31 '24

The Future of AppSec

Register Now for Our Next SafeDev Talk on ASPM Talk: The Future of AppSec! Application security is...

Feb 19