In a previous blog post, I discussed several pitfalls of information disclosure during registration and authentication and how difficult it is to prevent them. In this article, I’m going …

If you read my previous post regarding Common Information Disclosure Vulnerabilities During Registration and Authentication, then you know how difficult it is to prevent user enumeration. Most developers seem …

Traffic can make or break your website. Too little indicates your website is underused and unpopular. Too much can overwhelm your business. Or it could mean your website is …

Let’s face it. We all have secrets. That’s not necessarily a bad thing. There are just certain pieces of information you don’t want everyone to know – your phone …

One of the great benefits of utilizing OAuth 2.0 is that your application totally outsources its authentication responsibility. The result is that the client simply passes an access token …

With the promotion of WebAuthn to an official web standard, it’s only a matter of time before software developers begin to take advantage of its perks. If you aren’t …

Password. Say this word around a security professional and you’re liable to elicit quite a response. You may just want to shelter your children’s ears if they happen to …

Rust is an exciting programming language and I highly recommend giving it a shot. Getting started is a cinch. If you’re interested in programming Rust on Windows, follow the …

There’s been an awful lot of talk about Rust lately, and I’m not talking about that reddish crap that eats away at your car bumper. I’m talking about the …

One of the most comprehensive studies regarding software security that I’ve found is published on an annual basis by Veracode and is entitled, “The State of Software Security,” or …