OWASP Top 10 for LLM Applications Penetration Testing
Lead Penetration Tester Jason Taylor looks at OWASP’s Top 10 list for LLM applications for penetration testing as AI machine learning becomes prevalent.
-
-
OWASP Top 10: The Bedrock of an Application Penetration Test
When performing web app, mobile app, and API penetration tests, we refer to the OWASP Top 10. Here we’ll discuss what that means and why it’s helpful.
-
Introduction to Cross-Site Scripting
This video covers the basics of cross-site scripting, including reflected, stored, and DOM-based XSS as well as remediation to protect against these attacks.
-
OWASP Top 10: Broken Access Control
In this blog post, Raxis lead penetration tester Mark Fabian discusses broken access control and why it’s the most prevalent issue among the OWASP Top 10.
-
2021 OWASP Top 10 Focus: Injection Attacks for Penetration Testing
The latest draft of the OWASP Top 10 has been released. Though injection is #3, Raxis’ Matt Dun explains why that doesn’t mean the threat is any less severe.
-
Web Attacks: Insecure Transmission of Data
Raxis COO Bonnie Smyre discusses the vulnerabilities that arise when web apps transmit data insecurely and what you can do to secure your apps.
-
Web Attacks: Clickjacking
Many of the external network and web application penetration tests that we perform list ‘clickjacking’ as a vulnerability. Here Raxis COO Bonnie Smyre explains what clickjacking is and how you can protect against it.
