Resource Center  >  Blog

How-To

JUnit Testing: The Basics and a Quick Tutorial

What Is JUnit Testing in Java Programming?  When you’re creating a Java application, you want to make sure it’s functioning as expected. This is where JUnit testing comes in. JUnit is a unit testing framework for the Java programming language. It plays a crucial role in test-driven development (TDD), where you write unit tests before

JWT, or How I Left my Front Door Open

Imagine for a moment, the most exciting day for a product launch, main features developed, hearts palpitating, shoulders have been cried upon, many nights have been rushed working, product managers are exhausted, everybody is heavy, tears of joy rushing from their eyes…three, two, one and….Launch!  The product is live as a SaaS service… A sigh

Unit Testing vs. Integration Testing: 4 Key Differences and How to Choose

Unit testing is a software testing technique where the individual components or units of a product are tested. Integration testing is a software testing approach in which individual software modules are combined and tested as a group.

Best Practices for Secure Coding in Web Applications

Secure coding refers to the practice of writing software code in a manner that minimizes vulnerabilities and guards against potential cyber threats. It involves adhering to established coding standards, employing robust coding techniques, and leveraging security best practices throughout the software development lifecycle. Secure coding serves as a primary defense against malicious attacks and vulnerabilities

How I bypassed an Imperva WAF and obtained XSS

Summary: Cross-Site Scripting (XSS) is a type of security vulnerability commonly found in web applications. It occurs when a web application allows malicious actors to inject malicious code (usually JavaScript) into web pages viewed by other users. This allows the attacker to execute arbitrary code within the context of another user’s browser, potentially stealing sensitive

An Introduction to the Importance of Input Validation in Preventing Security Vulnerabilities

In today’s rapidly evolving digital landscape, where technology fuels both innovation and convenience, ensuring the security of our digital assets remains a critical concern. At the heart of creating robust application security lies the fundamental and most important concept of input validation.  In this blog post, we will introduce the significance of input validation and

DAST for PCI DSS compliance

By mapping Dynamic Application Security Testing (DAST) to the Payment Card Industry Data Security Standard (PCI DSS) requirements, organizations can effectively strengthen their application security and ensure compliance with industry standards. DAST provides a proactive approach to security by enabling businesses to identify vulnerabilities and address them before they can be exploited, thus safeguarding cardholder

Mobile App Security Testing: Tools and Best Practices

What Is Mobile Application Security Testing?  Mobile application security testing is the process of assessing, analyzing, and evaluating the security posture of mobile applications to identify potential vulnerabilities, weaknesses, and risks.  This testing aims to ensure the confidentiality, integrity, and availability of data and functionality in mobile applications, protecting them from unauthorized access, data breaches,

Web Application Testing: Tips & Best Practices

Web application testing is a process that ensures the application is ready to launch without safety concerns and reliability issues. Our main point of concern in web application testing is making sure that the security is up to the standard as security becomes a bigger and bigger issue on the internet with each passing day.

Mocha Testing: 4 Key Features and a Quick Tutorial

What is Mocha Testing Framework? Mocha.js is an open source JavaScript unit testing framework that runs in Node.js and executes tests directly in the browser. Mocha supports most assertion libraries, but is typically used in conjunction with Chai for Node.js.  Its key capabilities include: In this article: 4 Mocha Features and Functions 1. Configuring Mocha

Deserialization: How it Works and Protecting Your Apps

Insecure deserialization vulnerabilities involve the use of unknown or untrusted data and can result in attacks such as denial of service (DoS), malicious code execution, bypassing authentication measures or other abuses of application logic.

8 Free Security Testing Tools You Must Know About

In the software world, security testing involves testing a software application to identify vulnerabilities and misconfiguration that could be exploited by an attacker. These could be as simple as a default admin password, or as complex as an injection vulnerability deep in the application code. 

Pen Testing with Python: Pros and Cons

Pen Testing is a process of protecting your system from cyber attacks. This is achieved by executing various malicious programs in order to exploit and learn about any possible vulnerabilities that might occur on your system. 

How to test for Cross-Site Request Forgery Featured

How to test for Cross-Site Request Forgery?

Cross-Site Request Forgery (CSRF) testing is the procedure of finding and remediating CSRF vulnerabilities in web applications. A CSRF attack tricks users into submitting a malicious request.

cross site scripting prevention

How to Prevent Cross-Site Scripting Attacks?

In this article you will learn the best practices for cross-site scripting prevention and how you can implement them immediately.

web application penetration testing banner

Web Application Penetration Testing: A Practical Guide

Web application penetration testing, also known as pentesting, simulates attacks against your web applications, to help you identify security flaws and weaknesses so they can be remediated. You can use penetration tests to detect vulnerabilities across web application components and APIs including the backend network, the database, and the source code. 

Your Website got Hacked? Here is what you should do!

Has your website been hacked? Don’t panic! We prepared a simple list of steps for you to follow to recover it.

Discover and Remediate OWASP Top 10 Vulnerabilities using AIAST®

The information age has advanced the way in which our society generates, stores and exchanges information. Hyperconnectivity, availability and business networking are great benefits of this era. However, we are facing significant new challenges in the realm of cybersecurity and information security, dictating the need for new solutions and a fresh approach to keep up with ever-evolving threats.

Integrating Bright scanning into Azure DevOps

DevOps focuses on speedy completion of the development processes for faster delivery of products and services at a higher quality. Not considering security in the development process can leave your application vulnerable to attacks.

Get Started
Read Bright Security reviews on G2