How can you actively prevent usernames from being enumerated on WordPress author pages?
In our Big Application Security Penetration Test FAQ for clients we answer everything you should know before, during and after the commissioning of an Application Security Penetration Test.
In focus today: Questions #18 and #19 – How are vulnerabilities found evaluated? And what is the CVSS?
CSRF Countermeasures #2: Another, stateless way to protect against CSRF is the Double Submit Cookie method.
The NinjaDVA is our comfortable and flexible training environment.
Is your web application vulnerable to SQL Injection? With sqlmap you can test it.
CSRF Countermeasures #1: One possibility to prevent CSRF is the use of an anti-CSRF token.
CSRF stands for “Cross-Site Request Forgery” and is a classic among web application attacks. With this attack, it is possible to perform certain actions on behalf of users without them noticing. But how exactly does this attack work?
At the it-sa 2019 we will present our innovative consulting concept Lean Application Security.
Our second office is located in Dresden, the capital of Saxony. Come have a look at our office there!
With the topic “How practical is DevSecOps really? – A field report” our colleague Maximiliane Zirm is present at this year’s Heise devSec.