An XML External Entity (XXE) attack uses malicious XML constructs to compromise an application. Using an XML External Entity Attack, an attacker can steal confidential...
Cyberattacks don’t come in just one form or fashion. Cyberattackers use several different techniques and avenues to breach security. One of the most popular is...
Open redirect attacks are a growing issue in web applications nowadays, as there are many serious vulnerabilities open redirects can lead to. As applications increasingly...
Following up on the announcement of our partnership with Snyk in April, we are delighted to announce another big day for StackHawk. We have secured...
DENVER, Colo. – May 12, 2022 – StackHawk, the company making application security testing part of software delivery, has secured $20.7 million in capital co-led...
We can perform all kinds of activities online, such as shopping, internet surfing, reading books, banking, and more. But have you considered how we’re able...
Excessive data exposure is when an API responds to a request with more data than required. Superficially, it looks like a design flaw. In reality,...
Broken object-level authorization (BOLA) happens when a user has the ability to gain access to information that only a system administrator should see. This means...
Authentication is one of the key policies of any application. This policy can control and protect the resources from unauthorized access. But if not implemented...
An API is essentially a tool that provides an interface between the client and the software—that’s what it does. Some of the API methods modify...
As a front-end developer, you’ve built tons of great features. You’ve handcrafted amazing UI/UX elements. You’ve probably also catered to security concerns in a web...
For software engineers, it may be easy to assume that no hacker would target our app since it isn’t big or well known. This attitude...