ImmuniWeb Security Blog

Sensitive Data Exposure is #3 in OWASP's top ten web application security risks. We've already examined database exposure through lack of access controls – which still usually ...

Amazon Web Service (AWS), launched in 2006, is now the leading cloud service platform by market share. Its Simple Storage Service (S3) is particularly popular – but ...

Insufficient Logging and Monitoring differs somewhat from the previous 9 risks. While it cannot lead to a direct intrusion, this risk is that you fail to detect the intrusion in a ...

If you know about a vulnerability, you can be certain that adversaries also know about it – and are working to exploit it. It sounds like a no-brainer; but using components with ...

How to detect, prevent and combat malicious cybersquatting, typosquatting and trademark infringement.

Francesca Bosco, UNICRI Programme Officer, speaks about growing cybercrime, ML/AI and governmental regulation of cybersecurity.

Insecure Deserialization is #8 in the current OWASP Top Ten Most Critical Web Application Security Risks. It is difficult to exploit, but successful attacks can lead to remote ...

Cross-site scripting (XSS) is #7 in the current OWASP Top Ten Most Critical Web Application Security Risks – and the second most prevalent web application vulnerability. It is ...

Security Misconfiguration is #6 in the current OWASP Top Ten Most Critical Web Application Security Risks. Misconfiguration can include both errors in the installation of ...

Broken Access Control is #5 in the current OWASP Top Ten Most Critical Web Application Security Risks. It should be viewed in conjunction with Broken Authentication, currently the ...

XML External Entities (XXE or XML injection) is #4 in the current OWASP Top Ten Most Critical Web Application Security Risks.

Sensitive data exposure is #3 in the current OWASP top Ten Most Critical Web Application Security Risks.