Topics relating to application security and attacks against software.
When designing a REST API or service are there any established best practices for dealing with security (Authentication, Authorization, Identity …
wcf security rest authorization rest-security
Is it possible to convert a .pfx (Personal Information Exchange) file to a .cer (Security Certificate) file? Unless I'm mistaken, …
security certificate pfx
What is the simplest way of doing two way encryption in common PHP installs? I need to be able to …
php security encryption cryptography encryption-symmetric
I want my website to have a checkbox that users can click so that they will not have to log …
security cookies remember-me
I'm trying to support JWT bearer token (JSON Web Token) in my web API application and I'm getting lost. I …
c# security asp.net-web-api jwt
One of the joys of working for a government healthcare agency is having to deal with all of the paranoia …
security browser autocomplete passwords
The eval function is a powerful and easy way to dynamically generate code, so what are the caveats?
javascript security eval
I have a .net application which is connecting to the SQL Server using windows authentication. We cannot use SQL Server …
sql-server sql-server-2008 security authentication
Is there an SQL injection possibility even when using mysql_real_escape_string() function? Consider this sample situation. SQL is …
php mysql sql security sql-injection
An application that has been working without problem (and has not had any active development done on it in about 6 …
sql-server security sqlconnection