5 SQL Injection Test Methods and Why to Automate Your Testing
What Is SQL Injection Testing? SQL injection tests insert data into your application to verify that you can run user-controlled SQL queries on your database.
May 12, 2022
AppSec Blog
Application Security news, research, vulnerabilities, DevSecOps, CI/CD tooling, hacking and more
6 DAST Tools You Should Know
What are DAST Tools? Dynamic application security testing (DAST) tools provide automated security testing for various real-world threat scenarios. You can use DAST tools to
May 12, 2022
Union SQL Injection: How It Works and 6 Tips for Prevention
What Is Union SQL Injection? SQL injection is a technique threat actors use to attack applications with a database connection. It occurs when actors send
May 12, 2022
Vulnerabilities
Error-Based SQL Injection: Examples and 5 Tips for Prevention
What Is Error-Based SQL Injection? Error-based SQL injection is an In-band injection technique that enables threat actors to exploit error output from the database to
May 4, 2022
Vulnerabilities
Business Logic Vulnerabilities: Examples and 4 Best Practices
What Are Business Logic Vulnerabilities? Business logic vulnerabilities are design and implementation flaws in software applications. They have a legitimate business function, but can also
May 4, 2022
Vulnerabilities
6 CSRF Mitigation Techniques You Must Know
What Is CSRF (Cross-Site Request Forgery)? Cross-site request forgery (CSRF) is a cyber attack technique in which hackers impersonate a legitimate, trusted user. CSRF attacks
May 4, 2022
AppSec Testing
DAST vs Penetration Testing: What Is the Difference?
What Is DAST? What Is Penetration Testing? Dynamic Application Security Testing (DAST) is a solution used to analyze web applications at runtime to identify security
May 4, 2022
AppSec Testing
3 Simple CSRF Examples: Understand CSRF Once and For All
What is CSRF (Cross Site Request Forgery)? Cross-site request forgery (CSRF) is a technique that enables attackers to impersonate a legitimate, trusted user. CSRF attacks
April 27, 2022
AppSec Testing
SQL Injection Python: Attack Example and 4 Tips for Prevention
What is SQL Injection? SQL injection (SQLi) involves adding malicious code to a database query to gain unauthorized access to a web application’s database. Threat
April 27, 2022
Vulnerabilities
XML External Entity (XXE) Vulnerabilities and How to Fix Them
What Is an XXE Attack? XXE (XML External Entity Injection) is a common web-based security vulnerability that enables an attacker to interfere with the processing
April 11, 2022
Vulnerabilities
SQL Injection Attack: Real Life Attacks and Code Examples
What is a SQL Injection Attack? SQL Injection attacks (or SQLi) alter SQL queries, injecting malicious code by exploiting application vulnerabilities. Successful SQLi attacks allow
April 8, 2022
Uncategorized
IAST
What is Interactive Application Security Testing (IAST)? Interactive application security testing (IAST) solutions help detect and remediate vulnerabilities in web applications, as part of an
April 4, 2022
Uncategorized
8 Free Security Testing Tools You Must Know About
What are Security Testing Tools? In the software world, security testing involves testing a software application to identify vulnerabilities and misconfiguration that could be exploited
April 4, 2022
Vulnerabilities
What is XSS? Impact, Types, and Prevention
What is XSS? Cross site scripting (XSS) is a cyberattack method that involves running malicious code as part of a vulnerable web application. Unlike other
April 4, 2022
Vulnerabilities
Server Side Request Forgery (SSRF) Attacks & How to Prevent Them
Server-Side Request Forgery (SSRF) attacks allow an attacker to make requests to any domains through a vulnerable server. Attackers achieve this by making the server
April 4, 2022
© 2022 Bright Security Inc. All Rights Reserved