What Is a Network Source of Truth?
A network source of truth is a centralized repository of accurate, up-to-date information about the configuration and status of all the devices, connections, and services within a network
What Is a Network Source of Truth?
A network source of truth is a centralized repository of accurate, up-to-date information about the configuration and status of all the devices, connections, and services within a network
An API is essentially a tool to provide an interface for the client with the software—that’s what they do. Some of the API methods modify application state and some return data to the client. Further, some methods can do both. Once we return data to the client, we need to make sure that we return only what’s necessary and don’t expose any sensitive information. This post will cover excessive data exposure in APIs with examples and prevention methods. The examples will be given in the context of the Java Spring framework. REST …
If a malicious user gains access to functionality that only system administrators should have access to, there can be dire consequences. This post is about a specific type of vulnerability called broken object level authorization, or BOLA. This happens when an attacker gains access to API methods that should be restricted. In addition to talking about what this is, I’ll discuss ways to mitigate this attack in general, and specifically in Java Spring Boot. Broken Object Level Authorization Defined Back-end APIs are basically a set of functions that return answers to requests. …
Broken authentication vulnerability was recognized as one of the OWASP’s top 10 vulnerabilities. Broken authentication vulnerability essentially is when an attacker gains unsolicited access to restricted data and/or functionality. It can lead to identify theft, data leakage and, in worst-case scenarios, give total control of the compromised system to the attacker. This post will cover broken authentication vulnerability in general and in Java Spring in particular. What Is Broken Authentication Vulnerability? Broken authentication means an attacker can gain access to restricted data by pretending to be a different user. The attacker provides …
XML is a markup language that we use to define and categorize data. Data stored in XML format can move between multiple servers or between a client and a server. Once a server receives an XML input, it parses it via an XML parser. XML external entities are basically references in the XML document to files or URLs outside of the XML document. Essentially, it’s an XML standard feature that enables accessing and/or loading external resources. However, this feature can be dangerous, as it can allow malicious actors to retrieve unauthorized sensitive …
A Cross-Site Request Forgery (CSRF) is one a common malicious attacks because it requires little technical expertise. The combination of the ease of execution, low barriers for executing it, and the prevalence of targets requires active measures against it. Let’s start with a few definitions. Cross-Site Request Forgery As explained in OWASP, a CSRF, also known as a one-click attack or session riding, is a popular attack vector on a website or SaaS application. It’s a type of malicious exploitation of a website where unauthorized commands are submitted from a user that the web …