Category "security"

twistlock scan on an image shows compliance issue

I am trying to do a twistlock scan on an image and I can see a compliance error stating "Private keys stored in image". I have not hardcoded any keys in the image.

Unchecked Input For Loop Condition while running checkmarx on angular 13 project

While running checkmarx on an angular 13 project, the report results in an 'Unchecked Input For Loop Condition' medium issue. Even after limiting the object length

Hacked Wordpress .htaccess [closed]

I have a WordPress site that features a .htaccess and a file called postfs.php. But when I try to delete them, they are written again. I tried

Microsoft Azure Secure Webhook

I am trying to use Secure Webhook solution by Microsoft Azure to send Planned Maintenance Events to my web application's endpoint. However, while testing the we

Clickhouse RBAC implementation

I have been looking at the RBAC documentation but I cannot find something specific, like default roles or a set of privileges that will apply to a common role.

Permission to create cacert.pem in .certifi

My website is set up through IIS10, and I've given my application pool user, IIS AppPool\DefaultAppPool, all the rights I can think of. But when I use this appl.

How to get rid of Django security vulnerabilities warning signs in terminal

I have a simple Django project with a PostgreSQL backend and I can't seem to get rid of the Django security vulnerabilities warning signs on my terminal. Settin

The key was not found in the key ring

I have a netcoreapp3.1 application deployed to on-prem IIS instances using the .NET Core Hosting Bundle. Because the app is deployed to 2 load balanced servers

How to defend app and system from uploaded C# code

Currently, I have the WEB API that will check uploaded code from the client and run it. It is the platform for testing. For example, there is a test for users:

spring security authorization error 401 unauthorized

I'm new to spring security and I am trying to create a web application with Jwt Token. The problem is that I can't authenticate; it always gives me a 401 error with i

Unsafe object binding checkmarx spring boot application

I'm getting this alert from checkmarx, saying that I have an unsafe object binding when trying to save a comment. I've read that we mustn't save objects directl

CWE 73 External Control of file name or Path

I am working to fix Veracode vulnerability CWE-73 (https://cwe.mitre.org/data/definitions/73.html) for my application in which the input filename is dynamically

How to correctly store user secrets in a frontend Application?

I am building a Web Application where the user's data is end-to-end-encrypted. The web client obviously needs a secret that nobody else knows for end-to-end-enc

In Kibana, querying, how to search for responses of successful bruteforce attack on a password for an account and port scanning of a webserver? Thanks

I would like to learn more about using Kibana in querying/ searching indications of certain attack events, such as bruteforcing an account, scanning/enumerating

Using ssl.wrap_socket to create a socket, gives a security hotspot in security scanner

The scanner is highlighting the below line as security hotspot. mysocket = ssl.wrap_socket(http_server.socket, keyfile=self.keyfile, certfile=self.certFile, ser

Front end Sensitive info

I am building my first react app and not sure about front end security. I am making a call to the following third party library: emailjs.sendForm(serviceID, tem

Best way to protect sensitive information copying in HTML?

The company I work for has a requirement to protect some area where articles are rendered, I've implemented some procedures to protect web-scraping but the prob

Thales HSM Import Public Key (EO) error '04'

I am sending this command with a DER encoded public RSA key. 1234EO013082010a02820101ec7b6d6be7d0603e3f247c22dd0ae533f02f1216fd9099d6ec5c596eb92c95e8ee87e3437af

How worried should I be about opening up a JWT to an XSS vulnerability?

I am building a node.js web application with react for the GUI and graphQL served with Apollo for the back-end connecting to an RDS (MySQL) instance on AWS.

How to choose a specific CIS ruleset with AWS Inspector

In AWS Inspector Classic I want to scan an Amazon Linux 2 based EC2 image against the ruleset for CIS Benchmarks Amazon Linux 2. The AMI has been hardened to th