Earlier today, I upgraded my installation of Google Chrome from version 68 to version 69. While not a major upgrade, there’s a key security update that I want to draw your attention to. Here’s a quick look at it.
Burp Suite’s Match and Replace rules allow you to change parts of a request and a response — which can be a significant help when testing web applications. In this post, I’ll show you how to create them, so that you’ll know how your web applications will react under various conditions.
A new health record management system is going live in Australia soon. It’s called My Health Record. It will affect every Australian (and potentially temporary and permanent residents as well) as it will store some of their most intimate information — their health records! But do the risks of such a system outweigh the advantages?
There are so many things that we have to get right to create secure applications. From input validation to output escaping, secure applications take time, effort, and dedication. However, there is one thing that doesn’t take much effort, but offers a quick win. Response headers!
Recently, I’ve moved into security at ownCloud. As part of the new role, I’ve had to invest lots of time learning about web application security attack vectors and about applications and tools for testing security.
One of the most common attack vectors against servers is brute-force login attempts. This is where attackers attempt to access your server by trying endless combinations of usernames and passwords. So how do you defend yourself against this kind of attack?