As vulnerability researchers, our primary mission is to find as many vulnerabilities as possible with the highest severity as possible. Finding vulnerabilities is usually challenging. But could there be a way, in some cases, to reach the same results with less effort?
Managing dependencies for a project is a task that requires consistent effort and attention. Surely, you’ve found yourself concerned about any of the following while maintaining a project: Luckily, we’ve been able to use GitHub bots to automate dependency management to an extent with solutions like Dependabot and GreenKeeper. However, these bots mostly automate the creation of a new code pull request that proposes the changes to be made.
Docker is a containerization platform for bundling your code, dependencies, and runtime environment into self-contained units that run identically in different environments. Dockerizing a PHP application simplifies deployment by packaging the PHP runtime, a web server, and your source code and composer dependencies into a container. Getting started with Docker is easy. However, there are a few pitfalls you need to avoid before you can safely use it in production.
GitOps was pioneered by Weeveworks in 2017. It uses familiar tools to implement continuous deployment for cloud-native applications, improving the developer experience of Kubernetes cluster management and application delivery.
Welcome to the 5th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a particular focus on security practitioners. This post will focus on API4:2023 Unrestricted Resource Consumption. In this series we are taking an in-depth look at each category – the details, the impact and what you can do about it.