OWASP Top 10 Risks and How to Prevent Them
What is the OWASP Top 10? The Open Web Application Security Project (OWASP) is a non-profit organization that strives to improve web application security by
June 20, 2022
AppSec Blog
Application Security news, research, vulnerabilities, DevSecOps, CI/CD tooling, hacking and more
AppSec Testing
Unit Testing in Angular: The Basics and a Quick Tutorial
What Is Unit Testing in Angular? Angular is an application design framework and development platform for creating complex, high performance single page applications. Angular unit
June 20, 2022
AppSec Testing
Top 7 Unit Testing Frameworks: A Quick Comparison
What is a Unit Testing Framework? Unit testing is a common skill among software developers—chances are you have at least some experience writing unit tests.
June 20, 2022
AppSec Testing
Unit Testing Best Practices: 9 Ways to Make Unit Tests Shine
What Is Unit Testing? A unit test validates and verifies individual software units (or components) to ensure each unit works as intended. A unit may
June 20, 2022
Updates
Bright Product Update – May 2022
We’ve made a bunch of improvements and released new features for the Bright app and API security scanner. Give them a spin! Improved authentication flow
June 8, 2022
AppSec Testing
DevSecOps vs DevOps: What’s Different and How to Make the Move
What Is DevOps? What Is DevSecOps? DevOps promotes communication, collaboration, automation, and integration between software developers and IT operations. The goal is to improve software
June 6, 2022
Vulnerabilities
PHP Code Injection: Examples and 4 Prevention Tips
What is PHP Code Injection? A code injection attack exploits a computer bug caused by processing invalid data. The attacker introduces (or injects) code into
June 6, 2022
AppSec Testing
Unit Testing vs. Functional Testing: In-Depth Comparison
What is Unit Testing? What is Functional Testing? Unit testing involves isolating the smallest testable parts of an application into units that you can verify
May 30, 2022
AppSec Testing
What Are Penetration Testing and Vulnerability Assessment?
What Is Penetration Testing? What Is Vulnerability Assessment? Penetration testing is a security method that allows organizations to identify, test, and prioritize vulnerabilities in computer
May 30, 2022
AppSec Testing
8 Critical Web Application Vulnerabilities and How to Prevent Them
What Are Web Application Vulnerabilities? A web application vulnerability is any system flaw that an attacker can exploit to compromise a web application. Web vulnerabilities
May 30, 2022
AppSec Testing
What is Penetration Testing? Process, Types, and Tools
The term penetration testing (pentesting) refers to processes, tools, and services designed and implemented for the purpose of simulating attacks and data breaches, and finding
May 29, 2022
How-To
Deserialization: How it Works and Protecting Your Apps
What Is Deserialization? Insecure deserialization vulnerabilities involve the use of unknown or untrusted data and can result in attacks such as denial of service (DoS),
May 29, 2022
AppSec Testing
5 DNS Attack Types and How To Prevent Them
What Is a Domain Name Server (DNS) Attack? DNS is a fundamental form of communication. It takes user-inputted domains and matches them with an IP
May 29, 2022
Vulnerabilities
Security Misconfiguration: Impact, Examples, and Prevention
What Is Security Misconfiguration? Security misconfiguration occurs when security settings are not adequately defined in the configuration process or maintained and deployed with default settings.
May 29, 2022
Vulnerabilities
Command Injection: How it Works and 5 Ways to Protect Yourself
What is Command Injection? A command injection involves the exploitation of a vulnerable application for the purpose of executing arbitrary commands on its host operating
May 29, 2022
© 2022 Bright Security Inc. All Rights Reserved