4 Tips to kickstart your web application security effort

Securing web applications is not an easy task, especially when the application is constantly changing and business-critical. Identifying where to start can be overwhelming, especially if you’re just dipping your toes in web application security. Here are four tips to help you get started.

1. Know your target

This is one of the most important, […]


Securing MySQL Server on Ubuntu 16.04 LTS – Configuring MySQL Securely, Part 2

In part 1 of this series, we looked at Installing MySQL Server on Ubuntu 16.04 LTS. In this second part, we will be looking at configuring MySQL securely.

Configuration

We will start off with the most common settings by opening the default MySQL configuration file using the nano text editor.

secuser@secureserver:/# sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf

User MySQL […]


Why is Source Code Disclosure dangerous?

Source code often contains some form of sensitive information, whether it be configuration-related information (e.g. database credentials) or simply information on how the web application functions. If disclosed, such information can potentially be used by an attacker to discover logical flaws and escalate into a subsequent chain of attacks which would not be possible without […]
