Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Jinsong Yu shares deep architectural insights ...

In an increasingly interconnected digital world, web applications are the backbone of online services. With this ubiquity comes a significant risk: web applications are prime targets for cyberattacks.

While traditional penetration testing (pen testing) has long been the go-to method for identifying security gaps in a organization’s network and web application, a new approach has emerged: ...

The Open Web Application Security Project (OWASP) is an international nonprofit dedicated to providing free documentation, tools, videos, and forums for anyone interested in improving the security of ...

Traditional methods of protecting IT networks and data, including firewalls, zero trust and two-factor authentication involving verification on the same device twice, are failing to provide essential ...

The OWASP Top 10 list of the most critical web application security risks has finally been updated for the first time since 2013. This list, created by the Open Web Application Security Project (an ...

Nonprofit foundation Open Web Application Security Project (OWASP) has released an updated draft of its ranking of the top 10 vulnerabilities, the first changes to the list since November 2017. The ...

API security risk has dramatically evolved in the last two years. Jason Kent, Hacker-in-Residence at Cequence Security, discusses the top API security concerns today and how to address them. As a long ...

The Open Worldwide Application Security Project (OWASP) presented the first release candidate of the OWASP Top Ten 2025 at its "Global AppSec USA" conference: the list of the biggest security risks ...