While providing consultancy on cyber security, I am often asked a question by bank’s senior IT management — Why our application VAPT should be different than any other application VAPT? Isn’t it just a web app after all? I really wish if that was true, but it is not. It is a misconstrued notion in…
I guess most of us know why a vulnerability assessment and penetration testing needs to be performed for web apps or mobile apps. Lately I had been asked by IT product development companies to put together the most critical drivers for this. I thought I would sum it up and share for benefit of everyone…
We at Valency Networks, keep on studying various attack patters, while performing application security penetration testing for our customers. We also keep an eagle’s eye on the attack that are gaining momentum, resulting into credible damages. This blog is an outcome of the study and assessment that we performed over past few years, as well…
CSRF Attack For Banking Apps Cross-site request forgery vulnerability is currently ranked Number 8 on the OWASP Top 10 vulnerabilities chart and is a very common application-layer vulnerability to exploit. It’s also known as a one-click attack, Session Riding and abbreviated as CSRF (sometimes pronounced sea-surf) or XSRF. WHAT IS CSRF CSRF allows the malicious attacker to use…
WEB APPLICATION VULNERABILITY Web Application Vulnerabilities are some of the most common flaws leading to modern data breaches, These are not limited to only XSS(Cross Site Scripting) and SQL INJECTION. Application Vulnerability – Software system flaws or weaknesses in an application that could be exploited to compromise the security of the application. Buffer Overflow – Buffer Overflows occur…
