-
Could the various bias templates (Data Biases, Algorithmic Biases, Societal Biases, Misinterpretation Biases, Developer Biases) be moved to subcategories of AI Application Security? They currently dis…
-
## What is missing or needs to be updated?
The current Mobile Application Security Cheat Sheet lacks specific guidance on securing app functionality that could be accessed when an iOS/iPadOS device i…
-
## Problem
A non-urgent but important issue is security. If a prototype is deployed, it is subjected to all kinds of attacks and security scans. We don't have good insight into its security character…
-
# Proposed change
- Link to documentation on mobile security
- [Mobile application security guide links](https://mas.owasp.org/MASTG/)
-
## Terms:
- **Database ID** - unique name of the current database used by the application; this could be for example Personal ID / Social Security number / PESEL (PL) or any other unique value - ne…
pkarw updated
3 months ago
-
Details: Given how seriously the user's security and privacy are taken, one might expect that the app would not accept blank passwords to be set. However, that is not the case. Careless first time use…
-
### What feature?
The application currently lacks a Content Security Policy (CSP), which increases the risk of cross-site scripting (XSS) and other injection attacks. Implementing a CSP is essential …
-
## Description
Addition of Blockchain / Crypto Related Vulnerabilities from protocols, smart contracts, and zero knowledge.
## Changes
**Decentralized Application Misconfiguration**
Decentra…
nnons updated
20 hours ago
-
We could extend the advisor's capabilities for static code analysis, esp. with a focus on security, like with any of these (alphabetical order):
- [Bearer](https://github.com/bearer/bearer)
- [Eclips…