Web & Mobile Application Security
Azure Single Sign-On Case Study #3: Secure authentication for Function Apps
Azure Single Sign-On Case Study #3: Secure authentication for Function Apps
General guidance on Azure Function App authentication setup for different client types.
New, old and new-old web vulnerabilities in the Era of LLMs — real-life examples
New, old and new-old web vulnerabilities in the Era of LLMs — real-life examples
What can go wrong in LLM web applications from a security perspective? In this article, you will discover examples of threats and…
Azure Single Sign-On Case Study #2: Unmasking authentication in Function Apps
Azure Single Sign-On Case Study #2: Unmasking authentication in Function Apps
Explore the details of configuring Single Sign-On for Azure Function Apps and discover the potential security risks.
Azure Single Sign-On Case Study #1: Secure architecture for SPA & API
Azure Single Sign-On Case Study #1: Secure architecture for SPA & API
A case study of an insecure Single Sign-On architecture followed by a comprehensive guide on how to do it the right way.
Web Push Notifications and user-targeted attacks — our research
Web Push Notifications and user-targeted attacks — our research
Web push notifications are very common — but also not always secure. In this article, you will discover why and how push notifications…
The year in review: the most interesting Single Sign-On vulnerabilities of 2023
The year in review: the most interesting Single Sign-On vulnerabilities of 2023
Check out a summary of 2023’s most interesting Single Sign-On vulnerabilities, and make sure your company is not vulnerable to them.
Manual vs. automated penetration testing — or maybe both?
Manual vs. automated penetration testing — or maybe both?
This article shows why manual and automated penetration tests are both important and not interchangeable.
Storing secrets in web applications using vaults
Storing secrets in web applications using vaults
There is no one-size-fits-all solution when it comes to storing secrets in web applications. Here, you will learn about the useful feat…
Crypto Wallet Security — Video
Crypto Wallet Security — Video
In this video, you will learn what security features are important for mobile crypto wallets.
How passkeys will impact app security and set us free
How passkeys will impact app security and set us free
Find out more about the latest authentication trend and discover technical details behind passkeys.
Third-party iPhone keyboards vs your iOS application security
Third-party iPhone keyboards vs your iOS application security
The story about the customization of iPhone keyboards is a tightrope walk between comfort and security. Given this road full of obstacles…
HTTP request smuggling attack. Is it a vulnerability still worth considering?
HTTP request smuggling attack. Is it a vulnerability still worth considering?
Smuggling through international borders is a massive-scale problem. History has shown people can smuggle everything, from drugs, money, and…
7 key steps for secure Single Sign-On integration
7 key steps for secure Single Sign-On integration
A security guideline for implementing a Single Sign-On (SSO) integration into your web app.
