Sep 28, 2016
Having a penetration test performed against your applications? Do you have mobile and web applications performing the same functionality? James talks about the reason behind doing these assessments at the same time vs. separate. See why testing your entire offering can add benefit to your security assessment.
Sep 21, 2016
Your pen tester want you to white list them in your WAF? What should you do? Why do they ask? James breaks it down for you in this episode.
For more info go to https://www.developsec.com or follow us on twitter (@developsec).
Presented by Jardine Software Inc. (https://www.jardinesoftware.com)
Sep 15, 2016
We talk HTTP/HTTPS all the time. Google just announced that in January they are going to change how they display their secure/not secure indicators for HTTP sites that have passwords or credit cards. James talks about how this can effect you.
Link to the article:
Sep 7, 2016
Are your login forms secure? Are you sure? In this episode James talks about potential risks with presenting your login forms when using HTTPS and how to avoid them. We often are focused on HTTPS for the submission of credentials, but what about the loading of the form? What about frames?
For more info go to...
Sep 5, 2016
The user interface plays a big part in the security of an application. We often only look at flaws such as XSS, but here James provides an example of the lack of Input Validation messages creating a Denial of Service type situation.
For more info go to https://www.developsec.com or follow us on twitter...