Welcome back, in this blog post we're going to cover information disclosure vulnerabilities from a couple of different angles. This is the third post in the security blog series that I've been writing. For the previous one, click here .

In this day and age a company lives and dies on the information it holds. If your information isn't safe, then your company isn't safe in many respects. Information disclosure can be something as benign as giving away a list of services running on ports on one of your machines, to something less benign such as internal addressing map for your network, and at worst the release of your intellectual property or your trade secrets.

Comment (0) Read More...

Today’s article covers the concepts of fail closed and fail open design. These two concepts are extremely simple to grasp through example. So, let’s step aside and let the following short story teach us about fail-open systems design:

Comment (0) Read More...

    In today's software development environment, a developer would be extremely remiss if they did not consider security when designing and implementing applications. Unfortunately, what each developer considers secure programming varies widely. This is partly because when being taught software development (or for you autodidacts, learning it on your own), generally speaking most materials and courses do not cover the information required to make informed security decisions. On top of this, developers are human and do make mistakes, and lets face it guys and gals... we’re lazy. (Excluding Bulletproof developers of course! :)). That is, being human, we sometimes cut corners, and sometimes, they come pre-cut.

Comment (0) Read More...