9 Misconceptions about Web and Mobile Applications Security Web and mobile applications are at the core of most companies’ activities. Whether you’ve already deployed them or they are still und... 09.12 Applications
Black, Grey or White Box Penetration Test? 3 Options for a Security Audit During a security audit, 3 approaches are possible. They reflect different levels of information and access given to pentesters. The choice of th... 03.11 Applications
Cybersecurity: What Risks if your Website is Based on a CMS? WordPress, Joomla, Drupal, Shopify and many more, offer real possibilities for creating sites that are both ergonomic and efficient. However, a negati... 20.10 Applications
How To Define The Scope Of A Pentest? Defining the scope of a penetration test is a delicate step. What will be the target of the pentest? More precisely, which functional and technical as... 17.09 Applications
Pancake Hardcoded Secret Leads to Account Takeover – Vaadata Advisory TL;DR Pancake is an online invoicing, project management, time tracking and proposal software. A shared hardcoded secret used to sign the session cook... 08.09 Applications
Understanding web vulnerabilities in 5 min – Episode #11 – XXE An XXE (XML External Entities) is a vulnerability ranked in the Top 10 OWASP and affecting programs interpreting XML. Its main characteristic is the a... 25.08 Applications
Cyber Security Challenges in the Healthcare Industry Digital has become central for the health sector. It applies to all activities, from patient admissions to prescription management to monitoring the p... 11.08 Applications
Penetration Testing for Fintech companies: what are the main challenges? Fintech companies are generally more exposed to risks and more mature than the average in terms of cybersecurity. The nature of their activities impli... 15.07 Applications
When is the right time to perform a pentest? Performing a pentest can be part of your objectives, without it being the priority of the moment. This can be for various reasons: developments are in progre... 07.07 Applications
Security and HTTPS Certificate Validity Currently, since March 2018, SSL/TLS certificates (more commonly called HTTPS certificates) can have a maximum lifetime of 825 days. But in March 2020,... 23.06 Applications
IT Security Audit: What You Need to Know There are several types of IT security audits: organizational audits, technical audits and penetration testing. All these variants are comp... 27.05 Applications
How to Securely Store Passwords in Database? Storing passwords securely is a recurring concern. But what are the main methods, how do they work, and what are they worth against current password cr... 25.05 Applications