IT Security Expert Blog

A UK view on Cybersecurity & Information Security, Everything Computer Security from the very basics to the advanced. A blog with a focus on the latest Cyber Security developments & issues in the UK, including Hacking, Privacy (GDPR), Data Breaches, security standards such as NIST, PCI DSS, Cyber Essentials & ISO27001, all will be simply explained.

Tuesday, 12 December 2017

Scan your app to find and fix OWASP Top 10 - 2017 vulnerabilities

Following the updated release of OWASP Top Ten (2017), I have updated my IBM developerWorks article "Scan your app to find and fix OWASP Top 10 - 2017 vulnerabilities", which was released on the IBM Developer Works website today
Posted by SecurityExpert at 23:30 No comments:
Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest
Labels: application security, ibm, OWASP
Newer Posts Older Posts Home
View mobile version
Subscribe to: Posts (Atom)
Click here for the IT Security Expert Website
Part of the

Cyber Security Expert Website
Tweets by @SecurityExpert Dave Whitelegg Media Info

Subscribe to

Posts
Atom
Posts
All Comments
Atom
All Comments

Search IT Security Expert Blog

Blog archive

  • ►  2021 (18)
    • ►  April (5)
    • ►  March (6)
    • ►  February (4)
    • ►  January (3)
  • ►  2020 (49)
    • ►  December (7)
    • ►  November (6)
    • ►  October (2)
    • ►  September (3)
    • ►  August (5)
    • ►  July (6)
    • ►  June (2)
    • ►  May (2)
    • ►  April (4)
    • ►  March (5)
    • ►  February (3)
    • ►  January (4)
  • ►  2019 (76)
    • ►  December (9)
    • ►  November (17)
    • ►  October (7)
    • ►  September (2)
    • ►  August (1)
    • ►  July (3)
    • ►  June (5)
    • ►  May (9)
    • ►  April (3)
    • ►  March (4)
    • ►  February (6)
    • ►  January (10)
  • ►  2018 (27)
    • ►  December (3)
    • ►  November (3)
    • ►  October (2)
    • ►  September (4)
    • ►  August (1)
    • ►  July (2)
    • ►  June (1)
    • ►  May (2)
    • ►  April (1)
    • ►  March (2)
    • ►  February (3)
    • ►  January (3)
  • ▼  2017 (38)
    • ▼  December (1)
      • Scan your app to find and fix OWASP Top 10 - 2017 ...
    • ►  November (2)
    • ►  October (3)
    • ►  September (7)
    • ►  August (4)
    • ►  June (5)
    • ►  May (5)
    • ►  April (3)
    • ►  March (3)
    • ►  February (2)
    • ►  January (3)
  • ►  2016 (23)
    • ►  December (4)
    • ►  November (4)
    • ►  October (2)
    • ►  September (4)
    • ►  August (1)
    • ►  July (1)
    • ►  June (1)
    • ►  May (1)
    • ►  April (2)
    • ►  March (1)
    • ►  February (1)
    • ►  January (1)
  • ►  2015 (12)
    • ►  December (1)
    • ►  November (1)
    • ►  October (1)
    • ►  September (1)
    • ►  June (3)
    • ►  May (1)
    • ►  March (1)
    • ►  February (1)
    • ►  January (2)
  • ►  2014 (21)
    • ►  November (1)
    • ►  September (2)
    • ►  July (2)
    • ►  June (4)
    • ►  May (1)
    • ►  April (2)
    • ►  March (3)
    • ►  February (4)
    • ►  January (2)
  • ►  2013 (33)
    • ►  December (1)
    • ►  October (4)
    • ►  September (6)
    • ►  August (6)
    • ►  July (3)
    • ►  June (4)
    • ►  May (1)
    • ►  April (2)
    • ►  March (2)
    • ►  February (2)
    • ►  January (2)
  • ►  2012 (32)
    • ►  December (2)
    • ►  November (5)
    • ►  October (5)
    • ►  September (1)
    • ►  August (13)
    • ►  July (2)
    • ►  June (2)
    • ►  March (1)
    • ►  January (1)
  • ►  2011 (14)
    • ►  November (1)
    • ►  October (1)
    • ►  September (2)
    • ►  August (1)
    • ►  June (1)
    • ►  April (1)
    • ►  March (3)
    • ►  February (1)
    • ►  January (3)
  • ►  2010 (18)
    • ►  November (1)
    • ►  October (2)
    • ►  September (2)
    • ►  August (1)
    • ►  July (1)
    • ►  May (1)
    • ►  April (3)
    • ►  March (3)
    • ►  February (3)
    • ►  January (1)
  • ►  2009 (29)
    • ►  December (1)
    • ►  November (3)
    • ►  October (2)
    • ►  August (1)
    • ►  July (4)
    • ►  June (3)
    • ►  May (1)
    • ►  April (2)
    • ►  March (4)
    • ►  February (4)
    • ►  January (4)
  • ►  2008 (26)
    • ►  December (3)
    • ►  November (2)
    • ►  October (3)
    • ►  September (2)
    • ►  July (2)
    • ►  June (3)
    • ►  May (1)
    • ►  April (1)
    • ►  March (4)
    • ►  February (1)
    • ►  January (4)
  • ►  2007 (60)
    • ►  December (6)
    • ►  November (14)
    • ►  October (4)
    • ►  September (8)
    • ►  August (6)
    • ►  July (6)
    • ►  June (9)
    • ►  May (7)

Post Categories

data breach Data Protection Patching cyber security roundup ransomware Home Security Hacking Security Awareness Microsoft privacy PCI DSS GDPR NCSC malware Payment Card Fraud password security Encryption nation-state DPA hackers DDoS ICO adobe Cloud Security Cyber Crime ID Theft iot Threat COVID-19 web application security Huawei Cyberwar phishing Social Media Wifi Security cyber Mobile Security facebook Network Security yahoo CISO talktalk wannacry Cisco cybersecurity Fraud application security Apple British Airways Coronavirus RSAC Risk Management Vulnerability Management ibm AI amazon brexit cybercrime dark web marriott Snowden Twitter football infographic nhs Big Data Intel OWASP Policies Third Party Security APT10 BEC GCHQ Insider Threat MFA NSA Terrorism aws cryptocurrencies equifax incident management ryuk 5G APT28 Magecart Manchester City anti-virus email security enterprise security podcast scam small business solarwinds training vpn Apache Compliance Cyber Essentials DLP Emotet bitcoin botnets data retension kaspersky petya A10 Networks APT29 BYOD CCTV Car Security Cobalt Conference Cryptojacking FCA Hack Hacktivism Meltdown Mirai Mitre O365 Physical Security SME Trickbot Uber VMware Windows XP appscan artificial intelligence bluekeep book review carbon black career ceo fraud credential stuffing cyber insurance firewall human error management mcafee misconfiguration ring sans solorigate supply-chain threat hunting travelex zoom CISA Currys DBIR Deep Secure Dixons carphone FBI Google Heartbleed IAM InfoSec Maze NIST PewDiePie RSA SHA-1 Sophos Spectre T-Mobile VIPRE Windows 7 Windows Server 2018 Zero Trust access control becrypt blockchain bsides bt china cyber extortion digital transformation dixons education fireeye labour party lenovo linux logmeonce piracy pitney bowes sextortion social engineering starwood sunburst threat intelligence tor whatsapp zero-day 2018 AMD APT1 APT27 APT3 APT37 APT38 APT39 APT40 APTC23 ATP Aebi Schmidt Azure Born Digital CCISO CCPA CEH CESG CISM CISSP CREST CVE-2021-3156 CVSS CeX Citrix Coalfire Cognizant CompTIA Conti Crime Dot Com Cyber Bullying Cyber Security Challenge UK DataDome Decathlon Defcon Disaster Recovery as a Service Disney ECSC Enterprise Europe Network European Cyber Security Challenge Exchange F5 FASTR FFA FIFA FatFace Flightradar Gaming Github HCSEC HR HSBC Hafnium IOC ISACA ISC2 ISCN ISO27001 Identity Theft Intelligencia Kia Krack Kraken KwikFit LOC LORCA Liverpool MH370 ML Maersk Memty NASA NCC NCF NIS Netscout Nintendo Nokia Nominet Online Harms Bill PC World PoisonTap PokemonGo RAA Redcar Regenix Revil SD-WAN SIGRed SOAR SaltDNA Security Today Sentinel Sepa Serco Snake Sodinokibi Steganography TA505 TGI Friday Tesla TikTok Total Fitness UEFA Verizon Vision Direct Windows 10 YesWeHack Zerologon adware att&ck awards bakuk beyer biometrics bitdefender bitsight black friday blueborne boothole bugbounty christmas cloud security alliance contactless corvid cyber risk cyberis darkgate data classification defender deltacharlie disaster recovery dropbox drown e-crime congress easyjet email embroker end point security eternalblue f-secure fedex films finance fintech flashpoint goldenspy greene king hacker hidden cobra ignite iloveyou imperva iphone isame isf legal sector locky lovebug mimecast moneytaker movies mumsnet netflix nordVPN notpetya npower outpost24 oyster paradox plundervolt qualys rbs regtech retail shadow IT shlayer smart cities snapchat sonos spotify spyware stuxnet sudo superfish telegram teletext holidays tfl threatQ ticketmaster timehop undervolting unix wearables winzip zavvi

Last 12 Months Most Popular Posts

  • Lush Credit Card Data Breach
    Before I go into my thoughts on the recent Lush website credit card data breach, I have some important advice to all Lush online customers. ...
  • The Billion Pound Manchester City Hack
    The sport of football is a multi-billion-pound global industry, where the world's top-drawer football clubs push competitive advantages ...
  • Is Huawei a Threat to UK National Security?
    On 19th July 2018 the UK government, through the GCHQ backed Huawei Cyber Security Evaluation Centre , gave “limited assurance” that Huawei...
  • Passwords are and have always been an Achilles Heel in CyberSecurity
    LogMeOnce , a password identity management suite provider, has published a detailed interview with myself titled ' Passwords are and hav...
  • Facebook Live Oyster Pearl Party Scams
    A little off-topic but recently I've been asked so many times about the Pearl Parties live broadcasts appearing all over Facebook status...
  • Twitter Hack & Scam
    What Happened? Twitter confirmed 130 celebrity Twitter accounts were targeted in the cyberattack  on Wednesday 15th July, with 45 successful...
  • Data Loss Prevention: Artificial Intelligence vs. Human Insight
    The cybersecurity landscape continues to evolve as cybercriminals become ever more sophisticated, and digital security tools accelerate to m...
  • Cyber Security Roundup for February 2021
    A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar ...

Cyber Security News Stream

Tweets by @SecurityToday
4D Cyber Security Awards 2019

Other Security Blogs

  • Help Net Security - News
    Approaching zero trust security strategically - With digital transformation efforts accelerating, the attack surface expanding exponentially and conventional perimeter-based security continuing to fail...
    2 hours ago
  • Microsoft Security
    Afternoon Cyber Tea: Cybersecurity has become a pillar of the business - Information security researcher and author Tarah Wheeler talks with Microsoft’s Ann Johnson about the growing role of cybersecurity as a pillar of the bu...
    13 hours ago
  • Schneier on Security
    Details on the Unlocking of the San Bernardino Terrorist’s iPhone - The *Washington Post* has published a long story on the unlocking of the San Bernardino Terrorist’s iPhone 5C in 2016. We all thought it was an Israeli c...
    20 hours ago
  • Krebs on Security
    Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020? - On Aug. 13, 2020, someone uploaded a suspected malicious file to VirusTotal, a service that scans submitted files against more than five dozen antivirus an...
    3 days ago
  • AWS Security Blog
    How to use AWS IAM Access Analyzer API to automate detection of public access to AWS KMS keys - In this blog post, I show you how to use AWS IAM Access Analyzer programmatically to automate the detection of public access to your resources in an AWS ac...
    4 days ago
  • Google Online Security Blog
    A New Standard for Mobile App Security - Posted by Brooke Davis and Eugene Liderman, Android Security and Privacy Team With all of the challenges from this past year, users have become increasing...
    4 days ago
  • SpiderLabs Blog from Trustwave
    Patch Tuesday, April 2021 - April's Patch Tuesday is upon us and it is showering us with patches for a total of 108 CVEs. This includes 20 CVEs rated a "Critical", 87 rated as "Import...
    1 week ago

About Me

SecurityExpert
View my complete profile

ShareThis

Disclaimer

This is a personal website, all views or opinions represented in this blog are personal to Dave Whitelegg and guest bloggers that post, and do not represent the views or opinions of any business or organisation. All content provided on this blog is for informational purposes only. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site. The owner will not be liable for any errors or omissions in this information nor for the availability of this information.
All original content copyright David Whitelegg 2007-2020. You may not use any original content with. Awesome Inc. theme. Powered by Blogger.