Contact us: info@tenendo.com
Vulnerabilities Scanning
PCI DSS requires organizations to conduct regular vulnerability scans, both internally and externally, to identify and address security weaknesses in …
Avoiding XSS injection vulnerabilities
In this section, we'll describe some general principles for preventing cross-site scripting vulnerabilities and ways of using various common technolog…
Avoiding OS command injection
Every command call and dynamic code generation method is a ticking bomb and must be handled accordingly.
Avoiding Templates injection
The best way to prevent server-side template injection is to not allow any users to modify or submit new templates.
Avoiding other injections
Secure coding practices prescribe that spring expressions using dynamic values should be avoided.
Avoiding injection vulnerabilities
Injection attacks refer to a broad class of attack vectors. In an injection attack, an attacker supplies untrusted input to a program. This input gets…