
Attacking Sites Using CSRF – Security Simplified

Source link
Related Articles
All Mix →Behind the Scenes: Securing In-House Execution of Unsafe Third-Party Executables
Table of Contents 1. Profile the executable 2. Harden the application layer 3. Secure the processing pipeline (harden your infrastructure, use secure network design) Mukul…
Improve your program scope visibility
Table of Contents Using Asset Groups to segregate by asset type Using Asset Groups to segregate by application component Using Asset Groups to segregate by…
Q&A with HackerOne’s New Board Member: Kathryn Haun
We are thrilled to introduce the newest member of the HackerOne team, Kathryn Haun, who is joining our board of directors. Katie is a former U.S.…
The Rich and Selfish Have Enlisted the Poor to Fight For Them
Obama is trying to raise taxes (by eliminating loopholes) on billionaire corporations that move jobs overseas so that their executives can have more boats and…
An Attacker’s View of Serverless and GraphQL Apps
Table of Contents What is Functions-as-a-Service (FaaS)? What is GraphQL? FaaS Security Considerations Attacker’s View of FaaS Privilege Escalation – IAM and Other Misconfigurations Attacker’s…
Google Play increases bounties and expands scope for Android apps
In October 2017, Google and HackerOne introduced the Google Play Security Reward Program, the first and only bug bounty program for an app ecosystem. Today,…