Posts Categorized: Application Penetration Testing

What is SQL Injection?

What is it? Put simply, SQL or sometimes “sequel” injection is a web site security fault that enables a hacker to steal the private or confidential data that you have available on your web site. It is surprisingly common, can have a devastating business impact, and is easy to prevent. Now you too can answer the question “What… Read more »

Cheat Sheet: Virtual Web Application Patching

Do you operate public-facing web applications in your card data environment? Here’s a pointer to a great source of information from the Open Web Application Security Project (OWASP) on the subject of virtual patching. What is virtual patching? Within the context of web vulnerabilities, this refers to the practice of applying a defensive layer to intercept… Read more »

Apple iOS Security Guide

Apple has (somewhat quietly) published a guide to iOS security. If you’re building apps on the iOS platform then this document will certainly be of interest to you. For example there are details of the platform’s data protection and encryption mechanisms. Download the PDF from here. Useful links: https://www.ambersail.com/what-is-sequel-injection/