FreshRSS

πŸ”’
❌ Secure Planet Training Courses Updated For 2019 - Click Here
☷
β–³ πŸ”ƒ
There are new available articles, click to refresh the page.
Before yesterdayYour RSS feeds

New Webinar: Avoiding Application Security Blind Spots with OPSWAT and F5

By: The Hacker News
Considering the ever-changing state of cybersecurity, it's never too late to ask yourself, "am I doing what's necessary to keep my organization's web applications secure?" The continuous evolution of technology introduces new and increasingly sophisticated threats daily, posing challenges to organizations all over the world and across the broader spectrum of industries striving to maintain

Three Tips to Protect Your Secrets from AI Accidents

By: The Hacker News
Last year, the Open Worldwide Application Security Project (OWASP) published multiple versions of the "OWASP Top 10 For Large Language Models," reaching a 1.0 document in August and a 1.1 document in October. These documents not only demonstrate the rapidly evolving nature of Large Language Models, but the evolving ways in which they can be attacked and defended. We're going to talk in this

Bug or Feature? Hidden Web Application Vulnerabilities Uncovered

By: The Hacker News
Web Application Security consists of a myriad of security controls that ensure that a web application: Functions as expected. Cannot be exploited to operate out of bounds. Cannot initiate operations that it is not supposed to do. Web Applications have become ubiquitous after the expansion of Web 2.0, which Social Media Platforms, E-Commerce websites, and email clients saturating the internet

Does the OWASP Top 10 Still Matter?

By: The Hacker News
What is the OWASP Top 10, and – just as important – what is it not? In this review, we look at how you can make this critical risk report work for you and your organisation. What is OWASP? OWASPΒ is the Open Web Application Security Project, an international non-profit organization dedicated to improving web application security.Β  It operates on the core principle that all of its materials are

crAPI - Completely Ridiculous API

By: noreply@blogger.com (Unknown)


completely ridiculous API (crAPI) will help you to understand the ten most critical API security risks. crAPI is vulnerable by design, but you'll be able to safely run it to educate/train yourself.

crAPI is modern, built on top of a microservices architecture. When time has come to buy your first car, sign up for an account and start your journey. To know more about crAPI, please check crAPI's overview.


QuickStart Guide

Docker

You'll need to have Docker installed and running on your host system.

Using prebuilt images

You can use prebuilt images generated by our CI workflow.

  • To use the latest stable version.

    • Linux Machine
    curl -o docker-compose.yml https://raw.githubusercontent.com/OWASP/crAPI/main/deploy/docker/docker-compose.yml

    docker-compose pull

    docker-compose -f docker-compose.yml --compatibility up -d
    • Windows Machine
    curl.exe -o docker-compose.yml https://raw.githubusercontent.com/OWASP/crAPI/main/deploy/docker/docker-compose.yml

    docker-compose pull

    docker-compose -f docker-compose.yml --compatibility up -d

  • To use the latest development version

    • Linux Machine
    curl -o docker-compose.yml https://raw.githubusercontent.com/OWASP/crAPI/develop/deploy/docker/docker-compose.yml

    VERSION=develop docker-compose pull 

    VERSION=develop docker-compose -f docker-compose.yml --compatibility up -d
    • Windows Machine
    Visit http://localhost:8888

    Note: All emails are sent to mailhog service by default and can be checked on http://localhost:8025 You can change the smtp configuration if required however all emails with domain example.com will still go to mailhog.

    Vagrant

    This option allows you to run crAPI within a virtual machine, thus isolated from your system. You'll need to have Vagrant and, for example VirtualBox installed.

    1. Clone crAPI repository 
      $ git clone [REPOSITORY-URL]
    2. Start crAPI Virtual Machine 
      $ cd deploy/vagrant && vagrant up
    3. Visit http://192.168.33.20

    Note: All emails are sent to mailhog service and can be checked on http://192.168.33.20:8025

    Once you're done playing with crAPI, you can remove it completely from your system running the following command from the repository root directory

    $ cd deploy/vagrant && vagrant destroy

    For more deployment options visit the setup instructions for more details.

    To know more about challenges in crAPI. Visit challenges



❌