Sustainable security from software development to corporate culture (JavaSPEKTRUM 03/2019)
In the current edition of “JavaSPEKTRUM” (issue 03/2019), our colleague Dr. Bastian Braun writes about holistic handling of security to minimize origins, identify errors that have occurred and react to exploitation attempts, from the everyday life of a security consultant.
Read the whole article here (German)
#1 – New Can I Trust Test Case – Browser returns secret out of pre-cached response in a CORS-Request
Update: Our WordPress Author Security Plugin is now available in the WordPress Plugin Store.
How can you actively prevent usernames from being enumerated on WordPress author pages?
In our Big Application Security Penetration Test FAQ for clients we answer everything you should know before, during and after the commissioning of an Application Security Penetration Test.
In focus today: Questions #18 and #19 – How are vulnerabilities found evaluated? And what is the CVSS?
CSRF Countermeasures #2: Another way to protect against CSRF – stateless – is the Double Submit Cookie method.