Article & News

It's time to secure your AWS Cognito configuration

When a missing flag can lead to an authorization bypass vulnerability

Article & News

How to protect your Decentralized Application

Is your DApp ready for the security challenges of the real world?

Events

BeDefended on stage at HackInBo 2022

Simone Bovi will talk next 28th May at HackInBo Spring Edition 2022 about Smart Contract (In)Security.

Article & News

Why Smart Contract security matters

The necessity of a security strategy for smart contracts and decentralized applications.

Events

BeDefended on stage at HackInBo 2018

Davide Davide Danelon will talk next 27th October at HackInBo Winter Edition 2018 about CORS (In)Security.

Article & News

Request Highlighter for Burp Suite

Released a new Burp Suite extension to help and facilitate manual penetration testing activities.

Article & News

Avoid Tapjacking on Cordova apps

How to prevent tapjacking attacks on hybrid applications developed with Cordova in less than a minute.

Article & News

When brute force prevention can turn in DoS

Account lockout could be a solution worse than the problem. Some practical advices to protect an app without introducing DoS.

Article & News

Implementing secure CORS on Apache Tomcat

When trusting default configuration lead to security issues.