Articles by Oriana Olivetti
9 articles published
June 11, 2024 (1y ago)
API Security: Best Practices for Python Developers - Part II
Part II of the Developer's Guide for a secure API implementation. Devs are the core of web applications; that's why you should continue learning how to prevent common attacks and secure your endpoints correctly. Avoid deploying vulnerable code by taking into account these Security Best Practices.
May 29, 2024 (1y ago)
Why Dependency Security Is Your First Line of Defense Against Cyber Threats
Explore the technical essentials of Software Composition Analysis (SCA) and dependency scanning, crucial tools for securing software against cyber threats in AI-driven development environments.
May 15, 2024 (1y ago)
Beginner's Guide to Client Prototype Pollution Vulnerabilities
The perfect introduction for those wanting to understand Prototype Pollution vulnerabilities and exploits. Because not everyone knows how Objects in JavaScript work, but we are about to change that! Are you up for the challenge?
April 30, 2024 (1y ago)
Pentesting Cross-Origin Resource Sharing (CORS) Vulnerabilities
Beginner's guide to this common security misconfiguration. Here you'll find the steps to quickly spot and exploit CORS vulnerabilities out in the wild. Shall we start?
April 2, 2024 (2y ago)
The Developer's Guide to Effective Secrets Management
Discover how to safeguard your applications with effective secrets management. Learn about the challenges of secrets detection and how Vidoc Security Lab's AI Security Engineer can revolutionize your security measures against AI-generated code threats.
March 26, 2024 (2y ago)
API Security: Best Practices for Python Developers - Part I
Developer's Guide for a secure API implementation. Devs are the core of web applications; however, they are also the ones who end up introducing and deploying vulnerabilities that later get exploited. That's why you should know how to prevent common attacks and secure your endpoints correctly.
March 14, 2024 (2y ago)
SAST vs. DAST: Choosing the Right Security Testing for Your Project
Distinguishing between SAST & DAST is crucial for any robust security strategy. Adopting a unified approach, by leveraging both scans, ensures that your software remains secure during its lifecycle, effectively mitigating potential risks and vulnerabilities in today's fast-paced digital environment.
February 29, 2024 (2y ago)
AI Pentesting vs Automated Penetration Testing
In the rapidly evolving cybersecurity landscape, where the emergence of AI-generated code presents unprecedented challenges, the concept of automated penetration testing emerges as a beacon of innovation and efficiency.
February 20, 2024 (2y ago)
Why you never get Reflected XSS to execute: Balancing Payloads
Beginner's guide to Reflected XSS. Everyone talks about the different XSS cheatsheets, and then you are supposed to try them one by one to see if any of the payloads get executed on your target. We don't like that. It's time-consuming and a mindless task.
