How-To
How to test for Cross-Site Request Forgery?
What is Cross-Site Request Forgery Test? Cross-Site Request Forgery (CSRF) testing is the procedure of finding and remediating CSRF vulnerabilities in web applications. A CSRF
July 1, 2021
AppSec Blog
Application Security news, research, vulnerabilities, DevSecOps, CI/CD tooling, hacking and more
AppSec Testing
10 Security Acronyms Every Developer Must Know
The days where security testing is carried out in a penetration test by your security team or a third party firm, are increasingly becoming a
June 30, 2021
Vulnerabilities
File Inclusion Vulnerabilities: What are they and how do they work?
In this article we will cover: What are File Inclusion Vulnerabilities? Types of file inclusion vulnerabilities Local File Inclusion (LFI) Local File Inclusion (LFI) Example
June 22, 2021
How-To
How to Prevent Cross-Site Scripting Attacks?
What is Cross-Site Scripting Prevention? Cross-site scripting prevention is the process of detecting and remediating XSS vulnerabilities in your websites or web applications before they
June 22, 2021
Vulnerabilities
SOAP Security: Top Vulnerabilities and How to Prevent Them
Learn what is the purpose of SOAP APIs, how they function, the main difference between REST and SOAP APIs, and what you can do to
June 18, 2021
Vulnerabilities
CSRF vs XSS: What are their similarity and differences
Both CSRF and XSS are client side attacks. What else do they have in common and what is the difference between them? Learn the answer
June 14, 2021
AppSec Testing
CSRF tokens: What is a CSRF token and how does it work?
CSRF (Cross Site Request Forgery) tokens can be a great mechanism in preventing CSRF attacks, but what are they? How do they protect against CSRF
June 11, 2021
Updates
Bright Product Update – May 2021
This blog post announces the May 2021 Update for Bright.We added some new features and product enhancements that will make your experience even better. New
June 8, 2021
Vulnerabilities
Complete Guide to LDAP Injection: Types, Examples, and Prevention
What is LDAP Injection? Many companies use LDAP services. LDAP serves as a repository for user authentication, and also enables a single sign-on (SSO) environment.
June 2, 2021
Vulnerabilities
How DOM Based XSS Attacks work
What is DOM Based XSS? According to various research and studies, up to 50% of websites are vulnerable to DOM Based XSS vulnerabilities. Security researchers
June 2, 2021
AppSec Testing
Microservices Security: Challenges and Best Practices
Microservices have become the leading method of application development. Unfortunately, security testing has not evolved quickly enough to address the risks introduced by this mass
May 28, 2021
Vulnerabilities
Blind SQL Injection: How it Works, Examples and Prevention
What is Blind SQL Injection? Blind SQL injections (blind SQLi) occur when a web application is exposed to SQL injection, but its HTTP responses don’t
May 27, 2021
Updates
Bright Product Update – April 2021
This blog post announces the April 2021 Update for Bright. We added some new features and product enhancements that will make your experience even better.
May 24, 2021
AppSec Testing
Aggregating SCA, SAST and DAST Vulnerability Results
DevOps looks to combine the culture, methodologies and tooling of both the software development and operations teams, so companies can deliver new application features at
May 13, 2021
Updates
Bright Product Update – March 2021
This blog post announces the March 2021 Update for Bright. We added some new features and product enhancements that will make your experience even better.
April 13, 2021
© 2022 Bright Security Inc. All Rights Reserved