Web Application Security consists of a myriad of security controls that ensure that a web application: Functions as expected. Cannot be exploited to operate out of bounds. Cannot initiate operations that it is not supposed to do. Web Applications have become ubiquitous after the expansion of Web 2.0, which Social Media Platforms, E-Commerce websites, and […]
Johnson Controls recently announced patches for a critical vulnerability found by an external researcher in some of its industrial refrigeration products. According to advisories published by Johnson Controls and the US cybersecurity agency CISA, the flaw, tracked as CVE-2023-4804, can “allow an unauthorized user to access debug features that were accidentally exposed”. Impacted products include […]
Many CISOs are grappling with the conundrum of the purpose and value of security controls data in supporting critical business decisions, according to Panaseer. The biggest concern when taking on a new CISO role is receiving an inaccurate audit of the company’s security posture (54%). This is a tacit acknowledgment that inaccurate security data can […]