Validate User Input
Here’s an attack scenario that could cost you money.
Best Practices for Security
Recommendations for developers focused on security.
This document collects content from our pentesters to help you secure your systems.
You want to start an application security program. You’ve read through the 2021 version of the OWASP Top 10. We’ll provide practical examples that you can use as patterns to secure your assets.
Available Articles
Once we’ve merged content into this guide, we’ll list them in the following table with the date of release.
| Article | Release Date | Author |
|---|---|---|
| Protect Against XXE Attacks | 2022-12-02 | Harsh Bothra |
| Insecure Deserialization | 2022-12-02 | Farid Luhar |
| Prevent Insecure Design in SQL | 2022-10-21 | Shashank Dixit |
| Protect Your APIs With Rate Limiting | 2022-10-21 | payloadartist |
| Prevent Server-Side Template Injections | 2022-10-21 | Shubham Chaskar |
| Validate User Input | 2022-08-19 | payloadartist |
| Prevent Security Misconfiguration | 2022-08-19 | Shashank Dixit |
| Protect Against Server-Side Request Forgery | 2022-08-19 | Harsh Bothra |
Prevent Security Misconfiguration
Configure your software properly to avoid security issues.
Protect against Server-Side Request Forgery
Protect your app against SSRF attacks.
Protect Your APIs With Rate Limiting
Protect your APIs. Use rate limits.
Prevent Insecure Design in SQL
We’ll address some typical design flaws when you set up SQL.
Insecure Deserialization
Insecure Deserialization is one of the OWASP Top 10 web vulnerabilities from 2017.
Prevent Server-Side Template Injections
Keep your app safe from SSTI attacks.
Protect against XXE Attacks
Securely configure your XML processor to prevent XXE attacks.
Last modified June.06.2023