all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Episode 204 - Logging, Edge Cases, Client API Exposure

Add to bookmarks
March 28, 2023, 6 p.m. |

Absolute AppSec absoluteappsec.com

The dynamite duopoly that is Ken and Seth are back to take the AppSec news by storm. Starting with Seth's favorite topic of Auditing or Logging, Ken brings up the recent Okta vulnerability report related to plaintext logging of usernames and passwords. This is followed by a review of Troy Hunt's recent post on edge cases when interacting with 3rd-party services, which the duo extrapolates to security edge cases and things they have seen recently. Finally, a discussion on manipulation …

api applications appsec auditing back cases client duo edge edge cases endpoints exposure hunt logging manipulation okta party passwords plaintext report review security services single things troy hunt usernames vulnerability

Visit resource

More from absoluteappsec.com / Absolute AppSec

Episode 245 - w/ Dustin Lehr - Security Champions 4 days, 11 hours ago | absoluteappsec.com
Episode 244 - w/ Kyle Kelly - Software Security Supply Chain 1 week, 4 days ago | absoluteappsec.com
absolute appsec consultant cybersecurity +18
Episode 243 - w/ Bryan Schmidt 1 month ago | absoluteappsec.com
absolute appsec bryan engineering +14
Episode 242 - LLMs Exploiting Vulns, State of DevSecOps 1 month, 1 week ago | absoluteappsec.com
analysis article autonomous backing +13
Episode 241 - Secure Defaults, Using LLMs for Code Review 1 month, 2 weeks ago | absoluteappsec.com
code code review listening llms +9
Episode 240 - Code Smells, XZ Backdoor, Hallucinations 1 month, 3 weeks ago | absoluteappsec.com
backdoor code code review conferences +16
Episode 239 - AppSec Intel, CVEs, Authorization 2 months ago | absoluteappsec.com
applications appsec authorization blog +18
Episode 238 - AppSec vs. Enterprise Sec, Supply Chain Tool Analysis 2 months, 1 week ago | absoluteappsec.com
analysis application appsec back +14
Episode 237 - Security 101, Nation State Hackers, Malicious Code 2 months, 2 weeks ago | absoluteappsec.com
breaches chinese code hackers +10

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com