IT Security Expert Blog

A UK view on Cybersecurity & Information Security, Everything Computer Security from the very basics to the advanced. A blog with a focus on the latest Cyber Security developments & issues in the UK, including Hacking, Privacy (GDPR), Data Breaches, security standards such as NIST, PCI DSS, Cyber Essentials & ISO27001, all will be simply explained.

Tuesday, 12 December 2017

Scan your app to find and fix OWASP Top 10 - 2017 vulnerabilities

Following the updated release of the OWASP Top Ten (2017), I have updated my IBM developerWorks article "Scan your app to find and fix OWASP Top 10 - 2017 vulnerabilities", which was released on the IBM developerWorks website today.
Posted by SecurityExpert at 23:30
Labels: application security, ibm, OWASP

Disclaimer

This is a personal website, all views or opinions represented in this blog are personal to Dave Whitelegg and guest bloggers that post, and do not represent the views or opinions of any business or organisation. All content provided on this blog is for informational purposes only. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site. The owner will not be liable for any errors or omissions in this information nor for the availability of this information.
All original content copyright David Whitelegg 2007-2020. You may not use any original content with.