Full Stack Security

Should you Penetration Test Third Party SaaS Applications?

More and more businesses are migrating internal functions to cloud-based SaaS applications but what assurance do you have over their security — and should you penetration test it yourselves?

Scoping a penetration test

I’ve been around application penetration testing for many years now and I’ve seen and heard many things when it comes to scoping a job. This post is a bit of a <rant>brain dump</rant> around this subject because, well, it’s an interesting one and based on the feedback we get, we…

Build a Private Burp Collaborator Server on AWS with Terraform and Ansible

This post will show you how to set up a Burp Private Collaborator Server using Terraform and Ansible on AWS.

How to generate a Content Security Policy

Content Security Policy is a useful security addition to your web application but can be tricky to get started setting up. Until now.

There are some great resources out there about creating a Content Security Policy for your…

Ransomware Tips for Application Developers

We muse about a lot of potentially nefarious scenarios at 4ARMED, after all our job is to understand and anticipate IT security threats and help our clients protect themselves.