OWASP ZAP released a new version of its leading ZAP Project - V2.8.0 which brings a new Heads Up Display (HUD) interface.

This article discusses a topic that is very confusing, and many people have posted questions about their doubts on the terms related to Authorization, Authentication, and Security protocols.

In this blog, we will discuss how a cookie becomes vulnerable when the HttpOnly attribute is not set especially when it contains sensitive information like SessionId.

Writing secure code is an important part of software development. .NET provides code access security mechanism that grants/denies access to resources within a method call. This article explains how...

Recently, I was involved in a project where I got a chance to work on its security and frankly, I didn't know anything about security. In this write-up, I have shared how I went through it.

In this article, we are going to understand about JSON Web Token which is known as JWT.

Generating Symmetric Private Key In C# and .NET. Major symmetric algorithms are AES, DES, RC2, Rijndael, and TripleDES. The GenerateKey and GenerateIV methods return the private secret key and init...

How to generate public/private key in C#. Asymmetric cryptography also known as public-key encryption uses a public/private key pair to encrypt and decrypt data. In .NET, the RSACryptoServiceProvid...

Today, a website security is one of the top priorities for developers and HTTPS is the firs step. This step by step walk-through tutorial teaches how to implement the SSL on a Website for free in 1...

As part of Project Strobe, an initiative to review third-party developer access to its applications and services.

Cybercrimes are on the rise. There are over 1 million cyber attacks are initiated each day. To protect yourself, your family, and your business, there are certain precautions you can take that will...

GitHub, world’s largest community of developers for coding and web development, has introduced new security practices for its users.

Over the last several months, the media has repeatedly reported on the exploitations of cybercriminals using their malware to shut down equipment and networks or take data hostage with a ransom dem...

Digicert finishes acquisition of Symantec's SSL and related PKI solution business. Now the browser community distrusts Symantec SSL certificates and after 15th March 2018, your website with Sym...

Recently, Microsoft has released volume 23 of its Security Intelligence Report.

OWASP is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. It is a single location to provide fail and real-world information about App Sec...

Kaspersky Lab has announced that it is launching a free version of its renowned antivirus software.

Here we will see three approaches for storing user credentials into the database. The plain-text approach should never be used. The salting and hashing technique seems secure and makes it difficult...

Any innovation when used thoughtfully, can be good for humans, but similarly when it falls into the wrong hands then it can be misused badly. So is the technology, it has become an inseparable part...

In this article, you will learn about the password strength indicator using jQuery and XML + NuGet Package.

In this technology driven age, data is quite possibly one of the biggest assets that your company has, but more than that, has to protect and build data recovery strategy.

In this article, you will learn how it is possible to secure application ideas without a patent.

If you work on a Windows machine with customer data, you need to secure it - learn how!

In this blog, you will learn why one should extend his SIEM Solution With Network Configuration Monitoring Tools.

In this article, you will learn about "known wrongs" in securing software.