Application Security

The Open Web Application Security Project (OWASP) is a nonprofit foundation that provides guidance on how to develop, purchase and maintain trustworthy and secure software applications.

Web Application and API Protection (WAAP) is a security platform combining multiple security measures that safeguard web applications and APIs from cyber threats.

Vulnerability scanning and penetration testing are essential components of application security testing. Such efforts require organizations to scan publicly and privately accessible websites, critical applications and endpoints using scanning tools to protect financial, personal identifiable, proprietary, and privileged information.

The Web Service Definition Language (WSDL) file is a web services deployment descriptor that outlines the functionality provided by the web service ...

An XML bomb is a small but dangerous message that is composed and sent with the intent of overwhelming the program that parses XML files.

An XML External Entity (XXE) attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser.

XML Injection is an attack technique used to manipulate or compromise the logic of an XML application or service.

XPath Injection is an attack technique used to exploit applications that construct XPath (XML Path Language) queries from user-supplied input to query or navigate XML documents.