Application Security

Broken Access Control vulnerabilities exist when a user can access resource or perform an action that they are not supposed to be able to access or do.

A Brute Force password attack is a method of accessing a secured device or application by attempting multiple combinations of accepted character sets of usernames and\or passwords, using guessing tools and scripts, in order to try all the combinations of well-known usernames and passwords.

Cache keys are parts of an HTTP request that the cache will use to uniquely identify a response.

Cache poisoning refers to a security vulnerability where invalid entries can be placed into a cache, which are then assumed to be valid when later used.

The CIA Triad is a model for the development of security policies used in identifying problem areas, along with necessary solutions in the arena of information security.

Clickjacking is a type of exploit online, where hackers hide malware or malicious code in a legitimate-looking control on a website.

Code injection is the malicious injection or introduction of code into an application.

Command injection is an attack method in which a hacker alters dynamically generated content on a web page by entering HTML code into an input mechanism.