The business of Authorization and Authentication flaws
business-logic
Ensuring security is one of the most daunting challenges that web applications are facing nowadays. Authentication and authorization are two main security fields that web applications must consider to be protected against unauthorized
Taxonomy of Business logic flaws
business-logic
In the previous article we defined and discussed Business Logic Flaws and their inherent risks. In software design, all web applications can be modeled as a set of use cases and workflows. A
A Whirlwind Tour of Ocular
ocular
In my study of learning styles, I came across the whole to part and part to whole concept. As with all learning style paradigms, this has a strong connection to communication styles, and
From Code Property Graph to Ocular
ocular
Information flow is fundamental to application security. We do not want sensitive information to reach untrusted principals (confidentiality), and we do not want untrusted principals to corrupt trusted information (integrity). For example, it is
From Code to Code Property Graph
ocular
The most important security vulnerabilities thus far have been found via laborious code auditing. Also, this is the only way vulnerabilities can be found and fixed during development. However, as software production rates
What is a Business logic flaw?
business-logic
With the increase in standards of technology in the past decade, the complexity of software applications has increased exponentially. Unfortunately, this has also increased the number of attacks that have been launched on such