IT Security Expert Blog

A UK view on Cybersecurity & Information Security, Everything Computer Security from the very basics to the advanced. A blog with a focus on the latest Cyber Security developments & issues in the UK, including Hacking, Privacy (GDPR), Data Breaches, security standards such as NIST, PCI DSS, Cyber Essentials & ISO27001, all will be simply explained.

Tuesday, 12 December 2017

Scan your app to find and fix OWASP Top 10 - 2017 vulnerabilities

Following the updated release of OWASP Top Ten (2017), I have updated my IBM developerWorks article "Scan your app to find and fix OWASP Top 10 - 2017 vulnerabilities", which was released on the IBM Developer Works website today
Posted by SecurityExpert at 23:30 No comments:
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Labels: application security, ibm, OWASP
Newer Posts Older Posts Home
Subscribe to: Posts (Atom)
Click here for the IT Security Expert Website
Part of the

Cyber Security Expert Website
Tweets by @SecurityExpert Dave Whitelegg Media Info

Subscribe To

Posts
Atom
Posts
All Comments
Atom
All Comments

Search IT Security Expert Blog

Blog Archive

  • ►  2021 (39)
    • ►  September (1)
    • ►  August (1)
    • ►  July (3)
    • ►  June (3)
    • ►  May (10)
    • ►  April (8)
    • ►  March (6)
    • ►  February (4)
    • ►  January (3)
  • ►  2020 (49)
    • ►  December (7)
    • ►  November (6)
    • ►  October (2)
    • ►  September (3)
    • ►  August (5)
    • ►  July (6)
    • ►  June (2)
    • ►  May (2)
    • ►  April (4)
    • ►  March (5)
    • ►  February (3)
    • ►  January (4)
  • ►  2019 (76)
    • ►  December (9)
    • ►  November (17)
    • ►  October (7)
    • ►  September (2)
    • ►  August (1)
    • ►  July (3)
    • ►  June (5)
    • ►  May (9)
    • ►  April (3)
    • ►  March (4)
    • ►  February (6)
    • ►  January (10)
  • ►  2018 (27)
    • ►  December (3)
    • ►  November (3)
    • ►  October (2)
    • ►  September (4)
    • ►  August (1)
    • ►  July (2)
    • ►  June (1)
    • ►  May (2)
    • ►  April (1)
    • ►  March (2)
    • ►  February (3)
    • ►  January (3)
  • ▼  2017 (38)
    • ▼  December (1)
      • Scan your app to find and fix OWASP Top 10 - 2017 ...
    • ►  November (2)
    • ►  October (3)
    • ►  September (7)
    • ►  August (4)
    • ►  June (5)
    • ►  May (5)
    • ►  April (3)
    • ►  March (3)
    • ►  February (2)
    • ►  January (3)
  • ►  2016 (23)
    • ►  December (4)
    • ►  November (4)
    • ►  October (2)
    • ►  September (4)
    • ►  August (1)
    • ►  July (1)
    • ►  June (1)
    • ►  May (1)
    • ►  April (2)
    • ►  March (1)
    • ►  February (1)
    • ►  January (1)
  • ►  2015 (12)
    • ►  December (1)
    • ►  November (1)
    • ►  October (1)
    • ►  September (1)
    • ►  June (3)
    • ►  May (1)
    • ►  March (1)
    • ►  February (1)
    • ►  January (2)
  • ►  2014 (21)
    • ►  November (1)
    • ►  September (2)
    • ►  July (2)
    • ►  June (4)
    • ►  May (1)
    • ►  April (2)
    • ►  March (3)
    • ►  February (4)
    • ►  January (2)
  • ►  2013 (33)
    • ►  December (1)
    • ►  October (4)
    • ►  September (6)
    • ►  August (6)
    • ►  July (3)
    • ►  June (4)
    • ►  May (1)
    • ►  April (2)
    • ►  March (2)
    • ►  February (2)
    • ►  January (2)
  • ►  2012 (32)
    • ►  December (2)
    • ►  November (5)
    • ►  October (5)
    • ►  September (1)
    • ►  August (13)
    • ►  July (2)
    • ►  June (2)
    • ►  March (1)
    • ►  January (1)
  • ►  2011 (14)
    • ►  November (1)
    • ►  October (1)
    • ►  September (2)
    • ►  August (1)
    • ►  June (1)
    • ►  April (1)
    • ►  March (3)
    • ►  February (1)
    • ►  January (3)
  • ►  2010 (18)
    • ►  November (1)
    • ►  October (2)
    • ►  September (2)
    • ►  August (1)
    • ►  July (1)
    • ►  May (1)
    • ►  April (3)
    • ►  March (3)
    • ►  February (3)
    • ►  January (1)
  • ►  2009 (29)
    • ►  December (1)
    • ►  November (3)
    • ►  October (2)
    • ►  August (1)
    • ►  July (4)
    • ►  June (3)
    • ►  May (1)
    • ►  April (2)
    • ►  March (4)
    • ►  February (4)
    • ►  January (4)
  • ►  2008 (26)
    • ►  December (3)
    • ►  November (2)
    • ►  October (3)
    • ►  September (2)
    • ►  July (2)
    • ►  June (3)
    • ►  May (1)
    • ►  April (1)
    • ►  March (4)
    • ►  February (1)
    • ►  January (4)
  • ►  2007 (60)
    • ►  December (6)
    • ►  November (14)
    • ►  October (4)
    • ►  September (8)
    • ►  August (6)
    • ►  July (6)
    • ►  June (9)
    • ►  May (7)

Post Categories

data breach Data Protection Patching ransomware cyber security roundup Security Awareness Hacking Home Security Microsoft privacy PCI DSS GDPR NCSC Payment Card Fraud malware password security DPA Encryption nation-state hackers ICO DDoS Cyber Crime adobe COVID-19 Cloud Security ID Theft iot web application security Threat phishing Huawei Wifi Security cyber Cyberwar Mobile Security Network Security Social Media facebook cybersecurity yahoo CISO talktalk wannacry Apple Cisco Vulnerability Management application security British Airways Fraud ibm Coronavirus RSAC Risk Management cybercrime dark web marriott AI amazon brexit nhs Snowden Twitter football infographic training BEC Big Data Intel OWASP Policies Third Party Security vpn APT10 GCHQ Insider Threat MFA NSA Terrorism anti-virus aws cryptocurrencies email security equifax incident management ryuk scam small business 5G APT28 Compliance Cyber Essentials Magecart Manchester City VIPRE bitcoin enterprise security podcast solarwinds Apache DLP Emotet Physical Security botnets cyber insurance cyber risk data retension digital transformation human error kaspersky mcafee petya supply-chain A10 Networks APT29 BYOD CCTV CISA Car Security Cobalt Conference Conti Cryptojacking DarkSide FCA Google Hack Hacktivism Meltdown Mirai Mitre NIST O365 Revil SME Trickbot Uber VMware Windows XP appscan artificial intelligence bluekeep book review carbon black career ceo fraud credential stuffing education firewall management misconfiguration ring sans solorigate threat hunting travelex zero-day zoom Currys DBIR Deep Secure Dixons carphone FBI Heartbleed IAM ISO27001 InfoSec Maze PCI PewDiePie RSA SHA-1 SaltDNA Sophos Spectre T-Mobile Verizon Windows 7 Windows Server 2018 Zero Trust access control bakuk becrypt blockchain bsides bt china cyber extortion dixons fireeye iphone labour party lenovo linux logmeonce penetration test piracy pitney bowes sextortion smart cities social engineering starwood sunburst threat intelligence ticketmaster tor whatsapp 2018 AMD APT1 APT27 APT3 APT37 APT38 APT39 APT40 APTC23 ATP Aebi Schmidt Air India Azure Born Digital CCISO CCPA CDE CEH CESG CISM CISSP CREST CVE-2021-3156 CVSS CeX Certes Networks Check Point Citrix Coalfire Cognizant CompTIA Crime Dot Com Cyber Bullying Cyber Security Challenge UK Cyber Tec Security DNS Security DataDome Decathlon Defcon DevOps Disaster Recovery as a Service Disney ECSC Enterprise Europe Network European Cyber Security Challenge Exchange F5 FASTR FFA FIFA FatFace Flightradar Forrester Gaming Giacom Github HCSEC HIPAA HR HSBC Hafnium IASME IOC ISACA ISC2 ISCN Identity Theft Ikea Intelligencia JBS Kia Krack Kraken KwikFit LOC LORCA LinkedIn Liverpool MH370 ML MSPs Maersk Memty NASA NCC NCF NCS NIS Netscout Nintendo Nokia Nominet Online Harms Bill PC World PoisonTap PokemonGo RAA RFT Redcar Regenix SD-WAN SIGRed SMBs SOAR SSL SecureTeam Security Today Sentinel Sepa Serco Snake Sodinokibi Steganography TA505 TGI Friday Tesla The Lazaus Group TikTok Total Fitness UEFA Vision Direct Vulnerability scan Windows 10 YesWeHack Zerologon adware att&ck awards backup beyer biometrics bitdefender bitsight black friday blueborne boothole bugbounty christmas cloud security alliance contactless corvid cyberis darkgate data classification data security defender deltacharlie digital certificates disaster recovery dropbox drown e-crime congress easyjet email embroker end point security eternalblue f-secure fedex films finance fintech flashpoint free freelance goldenspy greene king hacker hidden cobra ignite iloveyou imperva isame isf legal sector locky lovebug mimecast moneytaker movies mumsnet netflix nordVPN notpetya npower outpost24 oyster paradox plundervolt qualys rbs regtech retail shadow IT shlayer smartphone snapchat sonos spotify spyware stuxnet sudo superfish telegram teletext holidays tfl threatQ timehop translation undervolting unix wearables webroot winzip zavvi

Last 12 Months Most Popular Posts

  • Prevention is Better Than Cure: The Ransomware Evolution
    Ransomware tactics have continued to evolve over the years, and remain a prominent threat to both SMBs and larger organisations. Particularl...
  • 10 Things You Might Not Know About Cyber Essentials
      I ASME  del iv ers Cyber Essentials on behalf of UK  NCSC By Sam Jones | Cyber Tec Security  and Dave Whitelegg What is  Cyber Essentials...
  • Achieving PCI DSS Compliant Firewalls within a Small Business
    The most important and integral part of any data security begins with having firewalls installed in the environment. Not just that, installi...
  • Payment Security: Understanding the Four Corner Model
    Introduction Online shopping digital payment transactions may seem quite simple, but in reality, just one single transaction sets off multip...
  • Free Coventry University Course to Help Everyone Protect their Online Privacy
    Now everyone can learn what privacy means, how your privacy is impacted when using the web and mobile apps, and how to protect your privacy ...
  • Why Freelancers Should Prioritise Cybersecurity
    Article by  Beau Peters As a freelancer in any industry, you are likely more susceptible to hackers and cybercrime than many other professio...
  • How to Ensure Security when Buying a Refurbished or Second-Hand Smartphone
    Last year, a Which? investigation found that 31% of resold smartphone models from three of the major used and refurbished handset stores ar...
  • Cyber Security Roundup for July 2021
         A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous cale...

Cyber Security News Stream

Tweets by @SecurityToday
4D Cyber Security Awards 2019

Other Security Blogs

  • Help Net Security - News
    Enhancing visibility for better security in multi-cloud and hybrid environments - In this Help Net Security interview, Brooke Motta, CEO of RAD Security, talks about how cloud-specific threats have evolved and what companies should be ...
    1 hour ago
  • Google Online Security Blog
    Leveling Up Fuzzing: Finding more vulnerabilities with AI - Posted by Oliver Chang, Dongge Liu and Jonathan Metzman, Google Open Source Security Team Recently, OSS-Fuzz reported 26 new vulnerabilities to open source...
    13 hours ago
  • Schneier on Security
    Steve Bellovin’s Retirement Talk - Steve Bellovin is retiring. Here’s his retirement talk, reflecting on his career and what the cybersecurity field needs next.
    13 hours ago
  • Krebs on Security
    Fintech Giant Finastra Investigating Data Breach - The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecur...
    1 day ago
  • AWS Security Blog
    Securing the RAG ingestion pipeline: Filtering mechanisms - Retrieval-Augmented Generative (RAG) applications enhance the responses retrieved from large language models (LLMs) by integrating external data such as do...
    1 day ago
  • SpiderLabs Blog from Trustwave
    Lessons from a Honeypot with US Citizens’ Data - Prior to last week’s US Presidential Election, the Trustwave SpiderLabs team was hard at work investigating potential risks and threats to the election s...
    1 week ago
  • Microsoft Security
    New Microsoft identity and data security capabilities to accelerate CMMC compliance for the Defense Industrial Base - Microsoft introduces new capabilities in Microsoft Entra ID and Microsoft Purview that support CMMC compliance while also helping Defense Industrial Base...
    1 year ago

About Me

SecurityExpert
View my complete profile

ShareThis

Disclaimer

This is a personal website, all views or opinions represented in this blog are personal to Dave Whitelegg and guest bloggers that post, and do not represent the views or opinions of any business or organisation. All content provided on this blog is for informational purposes only. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site. The owner will not be liable for any errors or omissions in this information nor for the availability of this information.
All original content copyright David Whitelegg 2007-2020. You may not use any original content with. Awesome Inc. theme. Powered by Blogger.