From Web Development to Cybersecurity – A Decade of Lessons
This article is not a guide. It is more of a reflection that may include some guides. The…
Cybersecurity
82 posts
Application Security 101: Understanding DevSecOps – A Developer’s Guide
What is DevOps security? Known easily as DevSecOps, the definition is pretty much straightforward: integrating security practices into…
Cybersecurity 101: OWASP Top 10 for LLM Applications, updated for 2025
In an expected turn of events, OWASP has released the Top 10 for Large Language Models, updated for…
Web Security 101: Understanding Cross-Origin Resource Sharing (CORS)
Continuing the web security headers series, after covering HSTS (Strict Transport Security), and CSP (Content Security Policy), now…
Critical Authentication Bypass Found in Really Simple Security: 4M WordPress Sites at Risk
Wordfence’s Threat Intelligence team has identified a critical authentication bypass vulnerability affecting over 4 million WordPress sites that…
Cyber Resilience Act: Security Requirements in Development
On October 10th, 2024, the EU Parliament mandated security standards for connected software with the enactment of the…
PostgreSQL PL/Perl Vulnerability: ENV Variable Exploit & Dev Notes
Researchers have discovered a high-severity vulnerability in PostgreSQL’s PL/Perl trusted language extension that could allow attackers to execute…
Web Security 101: Understanding Strict-Transport-Security Headers
In this series of evaluating web security headers, we are now diving in with HSTS, the HTTP Strict-Transport-Security…
Introduction to Offensive Security – The Ethics and Legality of Cybersecurity
Offensive security practices like penetration testing and red teaming are used to identify and address vulnerabilities before malicious…
Web Security 101: Understanding Content Security Policy Headers (CSP)
Content security policy (CSP) is a browser feature that can help minimize the risk of a multitude of…