Cloud access control is a critical part of cloud security strategy. Without granular controls in place, unauthorized users could gain access to your data or even take down your entire cloud infrastructure. Solutions such as Cloud access broker solution (CASB) help you enforce access controls by acting as a layer separating users and cloud service providers.

Web applications across the digital world are teeming with vulnerabilities increasingly equipped to defeat security mechanisms. Among them are injection attacks. We are aware of the many injection vulnerabilities present in a web application, for example, SQL injection, HTML injection, CRLF injection, cross-site scripting and many others. This article will discuss CRLF injection vulnerability in detail for web application security.

Imagining a time without internet access at every point of life seems unimaginable now. The internet has been the greatest boon of the 21st century, and with wireless networking, man has progressed in leaps and bounds. It has ensured high efficiency, greater time management, increased productivity and lesser mess (no copper wires lying around). From homes to offices, students to working professionals, Wi-Fi is everyone’s go-to choice.

Contrary to what the name suggests, rainbow tables are nowhere as picturesque and pose a severe threat to users and businesses using the digital world. This article will attempt to break down the hows and whats of a rainbow table and arm you with knowledge on preventing a rainbow table attack. Primarily used as the base of a password cracking tool, this table helps crack password hash values or crack passwords.

As we all know, whenever it comes to penetration testing, the first thing which comes to mind is reconnaissance. Banner grabbing is used in the initial phase of reconnaissance to get an idea about the target system or application.

The digital world is a vulnerable space prone to attacks of various kinds. Denial of Service is one of the regular strategy attacks used to crash any server. A DoS attack attempts to make a computer or network resource unavailable to its intended users by generating enormous traffic and costing the legitimate users valuable time and money.