Web applications remain the largest security risk for any company. The reason is two-fold. First, most software services have moved to a web based environment giving malicious hackers a much larger landscape to attack. Second, most organizations put a majority of their resources, i.e. dollars and manpower, into network and perimeter security leaving the web unguarded. In most cases, it is up to the web developer to secure sites as best they can. Those who know how to patch known vulnerabilities in...
A SQL injection is a common programming error the consequences of which can be really devastating. Many successful hacking attacks start when a hacker discovers a vulnerability that gives an opportunity to inject SQL code. When an SQL injection occurs, the structure of an SQL query is compromised and as a result you are left at the mercy of the potential hackers. If there is a vulnerability found, hackers can exploit it to gain access not only to your site and database but in extreme cases also to your corporate...
Alice created a new social network for snowboarders to promote her company’s new line of boards. Now, a member of the social network can read reviews from other satisfied customers and click a link that brings them right to a shopping cart feature so they can make an easy purchase. Happy with the way things look, and with the thought of all the potential sales, her boss gives her the OK for the site to go live. Mallory visits the network and creates a review of her own. Noticing that she can enter a client-side...