Transient Blockage of the Internal Iliac Artery

The internal iliac artery is a crucial blood vessel in the pelvis, responsible for supplying blood to various organs and tissues in the lower abdomen and pelvic region. Sometimes, individuals may experience a transient blockage in this artery, which can lead to various symptoms and complications. In this article, we will explore the causes, symptoms, Read More >>>>

GraphQL

GraphQL is an open source query language originally developed by Facebook that can be used to build APIs as an alternative to REST and SOAP. It has gained popularity since its inception in 2012 because of the native flexibility it offers to those building and calling the API. There are GraphQL servers and clients implemented in Read More >>>>

Forgot Password Service

In order to implement a proper user management system, systems integrate a Forgot Password service that allows the user to request a password reset. Even though this functionality looks straightforward and easy to implement, it is a common source of vulnerabilities, such as the renowned user enumeration attack. The following short guidelines can be used as a quick Read More >>>>

File upload

File upload is becoming an increasingly essential part of any application, where the user is able to upload their photo, their CV, or a video showcasing a project they are working on. The application should be able to fend off bogus and malicious files in a way to keep the application and the Read More >>>>

Error Handling

Error handling is a part of the overall security of an application. Except in movies, an attack always begins with a Reconnaissance phase in which the attacker will try to gather as much technical information (often name and version properties) as possible about the target, such as the application server, frameworks, libraries, etc. Unhandled errors can assist an attacker in this Read More >>>>

The .NET Framework

The .NET Framework is Microsoft’s principal platform for enterprise development. It is the supporting API for ASP.NET, Windows Desktop applications, Windows Communication Foundation services, SharePoint, Visual Studio Tools for Office and other technologies. The .NET Framework constitutes a collection of APIs that facilitate the usage of an advanced type system, managing data, graphics, networking, file Read More >>>>

Docker Containerization Technology

Docker is the most popular containerization technology. When used properly, it can increase the level of security (in comparison to running applications directly on the host). On the other hand, some misconfigurations can lower the level of security or even introduce new vulnerabilities. The aim of this cheat sheet is to provide an Read More >>>>

Django framework is a powerful Python web framework

The Django framework is a powerful Python web framework, and it comes with built-in security features that can be used out-of-the-box to prevent common web vulnerabilities. This cheat sheet lists actions and security tips developers can take to develop secure Django applications. It aims to cover common vulnerabilities to increase the security posture of your Read More >>>>

Django REST Framework

The Django REST framework abstracts developers from quite a bit of tedious work and provides the means to build APIs quickly and with ease using Django. New developers, those unfamiliar with the inner workings of Django, likely need a basic set of guidelines to secure fundamental aspects of their application. The intended purpose of this Read More >>>>

Guidance on Deserializing Objects Safely

Serialization is the process of turning some object into a data format that can be restored later. People often serialize objects in order to save them for storage, or to send as part of communications. Deserialization is the reverse of that process, taking data structured in some format, and rebuilding it into an object. Today, the most Read More >>>>

Anti-DoS Methods

Because anti-DoS methods cannot be one-step solutions, your developers and application/infrastructure architects must develop DoS solutions carefully. They must keep in mind that “availability” is a basic part of the CIA triad. Remember that if every part of the computing system within the interoperability flow does not function correctly, your infrastructure suffers. A successful DoS attack Read More >>>>

Transport Layer Protection

This cheat sheet provides guidance on securely configuring and using the SQL and NoSQL databases. It is intended to be used by application developers when they are responsible for managing the databases, in the absence of a dedicated database administrator (DBA). For details about protecting against SQL Injection attacks, see the SQL Injection Prevention Cheat Sheet. Read More >>>>