In Redpoint Security’s existence as an application security firm, we have seen a range of clientele who manifest a whole host of differences: development teams and applications that range remarkably small and large, different levels of security maturity, compliance requirements that are relatively lax as opposed to highly demanding with a rapidly rushing SLA (Service-Level […]
Training Devs for a new OWASP Top Ten
What we learned from adapting our Application Security 101 course Background: The OWASP Top Ten – An Awareness Document The OWASP Top Ten is a widely-used guide developed by the fine folks at the Open Web Application Security Project that provides a list of the common and critical vulnerabilities in web applications. First published in […]
A Client-Side Solve: Browser Sanitization APIs
Could Browser Sanitization APIs mean a new era of client-side security? In April 2021, Google and Firefox both announced that a sanitization api would be integrated within their browsers. Ken Johnson (cktricky) and Seth Law (sethlaw) discussed these new developments on the Absolute Appsec podcast with a good deal more sanguinity than regular podcast listeners […]