all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Episode 204 - Logging, Edge Cases, Client API Exposure

Add to bookmarks
March 28, 2023, 6 p.m. |

Absolute AppSec absoluteappsec.com

The dynamite duopoly that is Ken and Seth are back to take the AppSec news by storm. Starting with Seth's favorite topic of Auditing or Logging, Ken brings up the recent Okta vulnerability report related to plaintext logging of usernames and passwords. This is followed by a review of Troy Hunt's recent post on edge cases when interacting with 3rd-party services, which the duo extrapolates to security edge cases and things they have seen recently. Finally, a discussion on manipulation …

api applications appsec auditing back cases client duo edge edge cases endpoints exposure hunt logging manipulation okta party passwords plaintext report review security services single things troy hunt usernames vulnerability

Visit resource

More from absoluteappsec.com / Absolute AppSec

Episode 243 - w/ Bryan Schmidt 4 days, 7 hours ago | absoluteappsec.com
absolute appsec bryan engineering +14
Episode 242 - LLMs Exploiting Vulns, State of DevSecOps 1 week, 4 days ago | absoluteappsec.com
analysis article autonomous backing +13
Episode 241 - Secure Defaults, Using LLMs for Code Review 2 weeks, 4 days ago | absoluteappsec.com
code code review listening llms +9
Episode 240 - Code Smells, XZ Backdoor, Hallucinations 3 weeks, 4 days ago | absoluteappsec.com
backdoor code code review conferences +16
Episode 239 - AppSec Intel, CVEs, Authorization 1 month, 1 week ago | absoluteappsec.com
applications appsec authorization blog +18
Episode 238 - AppSec vs. Enterprise Sec, Supply Chain Tool Analysis 1 month, 2 weeks ago | absoluteappsec.com
analysis application appsec back +14
Episode 237 - Security 101, Nation State Hackers, Malicious Code 1 month, 3 weeks ago | absoluteappsec.com
breaches chinese code hackers +10
Episode 236 - Memory Safe Languages, LLM Supply Chain Security 1 month, 4 weeks ago | absoluteappsec.com
back basics internet languages +16
Episode 235 - 2023 Top 10 Web Hacking Techniques, LLM Agent Hacking 2 months, 2 weeks ago | absoluteappsec.com
agent digest dynamic engine +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Cybersecurity Consultant

@ Devoteam | Cité Mahrajène, Tunisia
View on infosec-jobs.com

GTI Manager of Cybersecurity Operations

@ Grant Thornton | Phoenix, AZ, United States
View on infosec-jobs.com

(Senior) Director of Information Governance, Risk, and Compliance

@ SIXT | Munich, Germany
View on infosec-jobs.com

Information System Security Engineer

@ Space Dynamics Laboratory | North Logan, UT
View on infosec-jobs.com

Intelligence Specialist (Threat/DCO) - Level 3

@ Constellation Technologies | Fort Meade, MD
View on infosec-jobs.com

Cybersecurity GRC Specialist (On-site)

@ EnerSys | Reading, PA, US, 19605
View on infosec-jobs.com
View more jobs