Updates
Bright Product Update – June 2021
This blog post announces the June 2021 Update for Bright.We added some new features and product enhancements that will make your experience even better. New
July 9, 2021
AppSec Blog
Application Security news, research, vulnerabilities, DevSecOps, CI/CD tooling, hacking and more
AppSec Testing
Dynamic Application Security Testing (DAST): Ultimate Guide [2022]
What is Dynamic Application Security Testing (DAST)? Dynamic Application Security Testing (DAST) is an Application Security Testing methodology in which the application is tested in
July 7, 2021
Vulnerabilities
XXE Prevention: XML External Entity (XXE) Attacks and How to Avoid Them
XML External Entity Injection (XXE) is one of the most common vulnerabilities. At its core, it’s a web security vulnerability where attackers target and compromise
July 1, 2021
How-To
How to test for Cross-Site Request Forgery?
What is Cross-Site Request Forgery Test? Cross-Site Request Forgery (CSRF) testing is the procedure of finding and remediating CSRF vulnerabilities in web applications. A CSRF
July 1, 2021
AppSec Testing
10 Security Acronyms Every Developer Must Know
The days where security testing is carried out in a penetration test by your security team or a third party firm, are increasingly becoming a
June 30, 2021
Vulnerabilities
File Inclusion Vulnerabilities: What are they and how do they work?
In this article we will cover: What are File Inclusion Vulnerabilities? Types of file inclusion vulnerabilities Local File Inclusion (LFI) Local File Inclusion (LFI) Example
June 22, 2021
How-To
How to Prevent Cross-Site Scripting Attacks?
What is Cross-Site Scripting Prevention? Cross-site scripting prevention is the process of detecting and remediating XSS vulnerabilities in your websites or web applications before they
June 22, 2021
Vulnerabilities
SOAP Security: Top Vulnerabilities and How to Prevent Them
Learn what is the purpose of SOAP APIs, how they function, the main difference between REST and SOAP APIs, and what you can do to
June 18, 2021
Vulnerabilities
CSRF vs XSS: What are their similarity and differences
Both CSRF and XSS are client side attacks. What else do they have in common and what is the difference between them? Learn the answer
June 14, 2021
AppSec Testing
CSRF tokens: What is a CSRF token and how does it work?
CSRF (Cross Site Request Forgery) tokens can be a great mechanism in preventing CSRF attacks, but what are they? How do they protect against CSRF
June 11, 2021
Updates
Bright Product Update – May 2021
This blog post announces the May 2021 Update for Bright.We added some new features and product enhancements that will make your experience even better. New
June 8, 2021
Vulnerabilities
Complete Guide to LDAP Injection: Types, Examples, and Prevention
What is LDAP Injection? Many companies use LDAP services. LDAP serves as a repository for user authentication, and also enables a single sign-on (SSO) environment.
June 2, 2021
Vulnerabilities
How DOM Based XSS Attacks work
What is DOM Based XSS? According to various research and studies, up to 50% of websites are vulnerable to DOM Based XSS vulnerabilities. Security researchers
June 2, 2021
AppSec Testing
What is Penetration Testing? Process, Types, and Tools
The term penetration testing (pentesting) refers to processes, tools, and services designed and implemented for the purpose of finding security vulnerabilities. You can run a
June 1, 2021
AppSec Testing
Microservices Security: Challenges and Best Practices
Microservices have become the leading method of application development. Unfortunately, security testing has not evolved quickly enough to address the risks introduced by this mass
May 28, 2021
© 2022 Bright Security Inc. All Rights Reserved