[This is a copy of my blog post on the Rapid7 site – https://www.rapid7.com/blog/post/2019/05/02/how-insightappsec-can-help-you-improve-your-approach-to-application-security/] This is part three of a three-part series on application security. […]
We appreciate Kevin Beaver’s recent blog post about NTOSpider’s unique ability to authenticate on some of the trickiest applications and stay properly logged-in throughout the scan. At NTO we take pride […]
This November I will be presenting at AppSec USA, Revenge of the Geeks: Hacking Fantasy Football. So this year, I am starting a hackers-only fantasy football league. Come join us to have fun and maybe make a little money!
An Indian researcher, Prakhar Prasad, found a Blind SQL Injection vulnerability in the PayPal Notifications (https://www.paypal-notify.com) application as part of a bug bounty program. The bug enabled him to […]
Continuing my series of write-ups on the talks I attended at AppSecUSA this year. Sherif Koussa (@Skoussa), who is a Principal Application Security Consultant at Software Secured, presented this talk […]