It’s Okay, We’re All On the SameSite

With Google’s recent announcement that all cookies without a SameSite flag will be treated as having SameSite=Lax set by default in Chrome version 80, surely Cross-Site Request Forgery will be dead? Well, not quite… In this post I’m going to demonstrate a scenario in which the SameSite default won’t actually stop a CSRF attack from …


Top 10 Blog Lists

We have written a lot over the past year and beyond, and we wanted to provide you with our Top 10 lists! Take a look and gain some new knowledge for the new year!! Top 10 Blogs from 2019 Better API Penetration Testing with Postman – Part 1 + Better API Penetration Testing with Postman – …


Using Components with Known Vulnerabilities

When dealing with cyber vulnerabilities, there are many unknown and ever-changing threats that can put users at risk. We often hear about the latest zero-day to wreak havoc with its clever name. But not all threats come from unexpected sources. Many originate through ancillary software dependencies with known issues that are overlooked, …

