Hive mind: OWASP 2017 Top 10 released The Daily Swig
Similar to Injection, “broken authentication” really contains a whole host of vulnerabilities inside of it. Both weak password storage and allowing for things like cookie stuffing via stolen session IDs are examples of this vulnerability. There’s some substantial debate among people who think and talk about web security about the quality and substance of the…
Category: Education
trimstray/the-practical-linux-hardening-guide: This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
These sysctls restrict eBPF to the CAP_BPF capability (CAP_SYS_ADMIN on kernel versions prior to 5.8) and enable JIT hardening techniques, such as constant blinding. System hardening is also needed for systems using the Linux kernel. The primary reason is that Linux distributions have to make a sacrifice between usability, performance,…