Information Disclosure Issues in Web Applications

At times, web applications fail to protect either confidential or sensitive information or both from unauthorized or unintended parties. This situation is generally referred to as an information disclosure issue. Though such issues cannot be exploited in most of the cases, they can allow the attackers to gather information about a web application that can … Continued

Integrating OWASP ZAP in DevSecOps Pipeline

Security and innovations have often been at contrast positions when it comes to the development of new products and services. In a Rapid Application Development Cycle (DevSecOps), security teams often initiated DAST tools to locate vulnerabilities just before the launch of a new product or a new version of the previously-launched product. This became non-scalable … Continued