Flying Naked: Why Most Web Apps Leave You Defenseless

An attacker frames your web page, makes it transparent, and floats it over its own site. The defense is simple: Just add an X-FRAME-OPTIONS: SAMEORIGIN header to all your pages. A passive tool (like OWASPs ZAP) can verify that the header is set on all your web pages in a test environment. Training and standardization are key to improving application security in the future, says John Defterios.”]

Source: https://www.darkreading.com/application-security/flying-naked-why-most-web-apps-leave-you-defenseless

Something Fresh

What to Know About The Jamaica Data Protection Act

St Vincent and the Grenadines embracing CariSECURE

Jamaica's Gov’t Looking to Finalize Data Protection Act Regulations

What People Reading

Feedback and data-driven updates to Googles disclosure policy

Certificate Security in the Wild West

Mozilla Says Google's New Ad Tech - FLoC - Doesn't Protect User Privacy

Security Insider Interview Series: John McArthur, Senior Product Manager, IP Intelligence; and Rupert Young, Senior Director Software Engineering, Data Compilation and Identity, Neustar

This Week's TV: Felicia Day Plays a Hacker with a Dungeons and Dragons Tattoo

Categories

Partners

Just add here your partners image or promo text