Web Applications are the dominate form of how most of us interact with data. From the early days of the world-wide-web where it was a read-only view of data we have evolved to highly dynamic 2-way real-time views of everything we hold dear.

Securing a web application is complex owing to the many risks. And, it is certainly an area many sites can improve.


OAuth 2.0 Threat Model and Security Considerations

OAuth 2.0 has simplified authentication and authorisation for many applications, shifting from custom code to simple library import. However, as more applications come to rely on it, this makes its weaknesses more interesting. An attacker can gain access to a broader set…
Read More