IT Security Expert Blog

A UK view on Cybersecurity & Information Security, Everything Computer Security from the very basics to the advanced. A blog with a focus on the latest Cyber Security developments & issues in the UK, including Hacking, Privacy (GDPR), Data Breaches, security standards such as NIST, PCI DSS, Cyber Essentials & ISO27001, all will be simply explained.

Tuesday, 12 December 2017

Scan your app to find and fix OWASP Top 10 - 2017 vulnerabilities

Following the updated release of OWASP Top Ten (2017), I have updated my IBM developerWorks article "Scan your app to find and fix OWASP Top 10 - 2017 vulnerabilities", which was released on the IBM Developer Works website today
Posted by SecurityExpert at 23:30 No comments:
Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest
Labels: application security, ibm, OWASP
Newer Posts Older Posts Home
Subscribe to: Posts (Atom)
Click here for the IT Security Expert Website
Part of the

Cyber Security Expert Website
Tweets by @SecurityExpert Dave Whitelegg Media Info

Subscribe to

Posts
Atom
Posts
All Comments
Atom
All Comments

Search IT Security Expert Blog

Blog archive

  • ►  2020 (43)
    • ►  December (1)
    • ►  November (6)
    • ►  October (2)
    • ►  September (3)
    • ►  August (5)
    • ►  July (6)
    • ►  June (2)
    • ►  May (2)
    • ►  April (4)
    • ►  March (5)
    • ►  February (3)
    • ►  January (4)
  • ►  2019 (76)
    • ►  December (9)
    • ►  November (17)
    • ►  October (7)
    • ►  September (2)
    • ►  August (1)
    • ►  July (3)
    • ►  June (5)
    • ►  May (9)
    • ►  April (3)
    • ►  March (4)
    • ►  February (6)
    • ►  January (10)
  • ►  2018 (27)
    • ►  December (3)
    • ►  November (3)
    • ►  October (2)
    • ►  September (4)
    • ►  August (1)
    • ►  July (2)
    • ►  June (1)
    • ►  May (2)
    • ►  April (1)
    • ►  March (2)
    • ►  February (3)
    • ►  January (3)
  • ▼  2017 (38)
    • ▼  December (1)
      • Scan your app to find and fix OWASP Top 10 - 2017 ...
    • ►  November (2)
    • ►  October (3)
    • ►  September (7)
    • ►  August (4)
    • ►  June (5)
    • ►  May (5)
    • ►  April (3)
    • ►  March (3)
    • ►  February (2)
    • ►  January (3)
  • ►  2016 (23)
    • ►  December (4)
    • ►  November (4)
    • ►  October (2)
    • ►  September (4)
    • ►  August (1)
    • ►  July (1)
    • ►  June (1)
    • ►  May (1)
    • ►  April (2)
    • ►  March (1)
    • ►  February (1)
    • ►  January (1)
  • ►  2015 (12)
    • ►  December (1)
    • ►  November (1)
    • ►  October (1)
    • ►  September (1)
    • ►  June (3)
    • ►  May (1)
    • ►  March (1)
    • ►  February (1)
    • ►  January (2)
  • ►  2014 (21)
    • ►  November (1)
    • ►  September (2)
    • ►  July (2)
    • ►  June (4)
    • ►  May (1)
    • ►  April (2)
    • ►  March (3)
    • ►  February (4)
    • ►  January (2)
  • ►  2013 (33)
    • ►  December (1)
    • ►  October (4)
    • ►  September (6)
    • ►  August (6)
    • ►  July (3)
    • ►  June (4)
    • ►  May (1)
    • ►  April (2)
    • ►  March (2)
    • ►  February (2)
    • ►  January (2)
  • ►  2012 (32)
    • ►  December (2)
    • ►  November (5)
    • ►  October (5)
    • ►  September (1)
    • ►  August (13)
    • ►  July (2)
    • ►  June (2)
    • ►  March (1)
    • ►  January (1)
  • ►  2011 (14)
    • ►  November (1)
    • ►  October (1)
    • ►  September (2)
    • ►  August (1)
    • ►  June (1)
    • ►  April (1)
    • ►  March (3)
    • ►  February (1)
    • ►  January (3)
  • ►  2010 (18)
    • ►  November (1)
    • ►  October (2)
    • ►  September (2)
    • ►  August (1)
    • ►  July (1)
    • ►  May (1)
    • ►  April (3)
    • ►  March (3)
    • ►  February (3)
    • ►  January (1)
  • ►  2009 (29)
    • ►  December (1)
    • ►  November (3)
    • ►  October (2)
    • ►  August (1)
    • ►  July (4)
    • ►  June (3)
    • ►  May (1)
    • ►  April (2)
    • ►  March (4)
    • ►  February (4)
    • ►  January (4)
  • ►  2008 (26)
    • ►  December (3)
    • ►  November (2)
    • ►  October (3)
    • ►  September (2)
    • ►  July (2)
    • ►  June (3)
    • ►  May (1)
    • ►  April (1)
    • ►  March (4)
    • ►  February (1)
    • ►  January (4)
  • ►  2007 (60)
    • ►  December (6)
    • ►  November (14)
    • ►  October (4)
    • ►  September (8)
    • ►  August (6)
    • ►  July (6)
    • ►  June (9)
    • ►  May (7)

Post Categories

data breach Data Protection Patching cyber security roundup Home Security Hacking ransomware Security Awareness Microsoft privacy PCI DSS GDPR malware NCSC Payment Card Fraud password security Encryption nation-state hackers DPA DDoS ICO ID Theft adobe iot Cloud Security Cyber Crime web application security Threat Huawei Wifi Security phishing Social Media cyber Cyberwar facebook yahoo Mobile Security talktalk wannacry COVID-19 Cisco Network Security application security British Airways Fraud RSAC Risk Management ibm Apple amazon brexit CISO Snowden Vulnerability Management cybersecurity dark web football infographic marriott nhs Big Data Coronavirus Intel OWASP Policies Third Party Security Twitter cybercrime APT10 GCHQ NSA Terrorism aws cryptocurrencies incident management ryuk 5G APT28 BEC MFA Magecart Manchester City anti-virus equifax podcast scam small business AI Apache Compliance Cyber Essentials Insider Threat bitcoin data retension email security enterprise security kaspersky petya vpn A10 Networks CCTV Car Security Cobalt Conference Cryptojacking Emotet FCA Hacktivism Meltdown Mirai Physical Security SME Trickbot Uber Windows XP appscan bluekeep botnets ceo fraud cyber insurance firewall misconfiguration ring training travelex zoom BYOD Currys DBIR DLP Deep Secure Dixons carphone FBI Hack Heartbleed InfoSec Maze Mitre NIST O365 PewDiePie RSA SHA-1 Sophos Spectre T-Mobile VMware Windows 7 Windows Server 2018 access control artificial intelligence becrypt book review bsides bt carbon black career credential stuffing dixons labour party lenovo logmeonce management mcafee piracy pitney bowes sans sextortion social engineering starwood supply-chain threat hunting tor whatsapp 2018 AMD APT1 APT29 APT3 APT37 APT38 APT39 APT40 APTC23 ATP Aebi Schmidt Azure CESG CREST CeX Citrix Coalfire Cognizant Crime Dot Com Cyber Bullying Cyber Security Challenge UK Decathlon Defcon Disaster Recovery as a Service Disney ECSC Enterprise Europe Network European Cyber Security Challenge F5 FASTR FFA FIFA Flightradar Gaming Github Google HCSEC HSBC IAM IOC ISO27001 Identity Theft Intelligencia Krack Kraken KwikFit LOC Liverpool MH370 Maersk Memty NASA NCC Netscout Nintendo Nokia Nominet PC World PoisonTap PokemonGo RAA Redcar Regenix Revil SIGRed SOAR Security Today Sentinel Snake Sodinokibi Steganography TA505 TGI Friday UEFA VIPRE Verizon Vision Direct Windows 10 YesWeHack Zerologon adware att&ck awards beyer biometrics bitdefender bitsight black friday blockchain blueborne boothole bugbounty china christmas cloud security alliance contactless corvid cyber risk darkgate defender deltacharlie digital transformation disaster recovery dropbox drown e-crime congress easyjet education email end point security eternalblue f-secure fedex flashpoint goldenspy greene king hidden cobra ignite iloveyou imperva iphone isame isf legal sector locky lovebug moneytaker mumsnet netflix nordVPN notpetya outpost24 oyster paradox plundervolt rbs retail smart cities snapchat sonos spyware stuxnet superfish telegram teletext holidays tfl threat intelligence threatQ ticketmaster timehop undervolting wearables winzip zavvi zero-day

Last 12 Months Most Popular Posts

  • Lush Credit Card Data Breach
    Before I go into my thoughts on the recent Lush website credit card data breach, I have some important advice to all Lush online customers. ...
  • The Billion Pound Manchester City Hack
    The sport of football is a multi-billion-pound global industry, where the world's top-drawer football clubs push competitive advantages ...
  • Is Huawei a Threat to UK National Security?
    On 19th July 2018 the UK government, through the GCHQ backed Huawei Cyber Security Evaluation Centre , gave “limited assurance” that Huawei...
  • Facebook Live Oyster Pearl Party Scams
    A little off-topic but recently I've been asked so many times about the Pearl Parties live broadcasts appearing all over Facebook status...
  • Passwords are and have always been an Achilles Heel in CyberSecurity
    LogMeOnce , a password identity management suite provider, has published a detailed interview with myself titled ' Passwords are and hav...
  • WinZip Encryption Password Security
    Post Updated - See  WinZip Encryption Password Security (2017) Recently I have received several Emails asking about WinZip encryption, and...
  • Twitter Hack & Scam
    What Happened? Twitter confirmed 130 celebrity Twitter accounts were targeted in the cyberattack  on Wednesday 15th July, with 45 successful...
  • Cyber Security Roundup for June 2020
    A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar ...

Cyber Security News Stream

Tweets by @SecurityToday
4D Cyber Security Awards 2019

Other Security Blogs

  • Help Net Security - News
    December 2020 Patch Tuesday forecast: Always consider the risk - The final Patch Tuesday of the year is upon us and what a year it has been. Forcing many changes this year, the pandemic has impacted the way we conduct ...
    1 hour ago
  • Schneier on Security
    Open Source Does Not Equal Secure - Way back in 1999, I wrote about open-source software: First, simply publishing the code does not automatically mean that people will examine it for secur...
    14 hours ago
  • Microsoft Security
    Understanding influences shaping the cybersecurity landscape, enabling digital transformation, and helping to protect our planet - The accelerated rate of digital transformation we have seen this past year presents both challenges and endless opportunities for individuals, organizati...
    15 hours ago
  • AWS Security Blog
    Techniques for writing least privilege IAM policies - In this post, I’m going to share two techniques I’ve used to write least privilege AWS Identity and Access Management (IAM) policies. If you’re not familia...
    1 day ago
  • Krebs on Security
    Account Hijacking Site OGUsers Hacked, Again - For at least the third time in its existence, OGUsers -- a forum overrun with people looking to buy, sell and trade access to compromised social media acco...
    1 day ago
  • SpiderLabs Blog from Trustwave
    GO SMS Pro Vulnerable to File Theft: Part 2 - Last week we released an advisory about an SMS app called GO SMS Pro. Media files sent via text in the app are stored insecurely on a publicly accessible s...
    3 days ago
  • Google Online Security Blog
    Announcing our open source security key test suite - Posted by Fabian Kaczmarczyck, Software Engineer, Jean-Michel Picod, Software Engineer and Elie Bursztein, Security and Anti-abuse Research Lead Security k...
    2 weeks ago

About Me

SecurityExpert
View my complete profile

ShareThis

Disclaimer

This is a personal website, all views or opinions represented in this blog are personal to Dave Whitelegg and guest bloggers that post, and do not represent the views or opinions of any business or organisation. All content provided on this blog is for informational purposes only. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site. The owner will not be liable for any errors or omissions in this information nor for the availability of this information.
All original content copyright David Whitelegg 2007-2020. You may not use any original content with. Awesome Inc. theme. Powered by Blogger.