-
We need to point out as an important note that you should never store sensitive stuff like credentials in localStorage! No JWT at all. I know this is not a direct issue of this but it will help a lot to …
-
**Tell us what you are thinking about:**
-> Review new security product, semgrep, for static testing of OWASP top 10 rules.
https://semgrep.dev/p/owasp-flask
returntocorp/semgrep - Semgr…
-
They should be. Insufficient logging and monitoring is on the OWASP Top 10.
HON95 updated
5 years ago
-
Is there a plan to update this to use Angular 2?
-
Hi
I wonder if you could generate stable IDs for main headlines or even more detailed subtitles as far as you like, please. This could help anybody to get a stable link to the proactive controls (e.…
-
- [ ] Are there existing cheatsheets at [OWASP Cheatsheets](https://cheatsheetseries.owasp.org/Glossary.html)
- [ ] If there is an existing cheatsheet, does it need updating at the source to cater for…
-
Integrate our existing logging module into the web app, to document what goes on. Not too sure of the specifics for how we would best implement this, but:
https://www.owasp.org/index.php/Top_10-20…
-
Create a “Security Skills for Developers” document that lists key skills job applicants should have, along with ways to acquire those skills/credentials, and evangelize to academia and to developers
-
HTTPS
CORS
Content-Security-Policy
OWASP Top 10
-
Keybase is unable to get keybase.txt when server uses ModSecurity with Core Rule Set.
Reason is that keybase is using GET without Accept header.
Related log entry:
[Thu Aug 14 08:59:12 2014] [error]…