Tagged articles

10 articles

Page 1 of 1

Apr 11, 2026 · Information Security

Beyond Prompt Guardrails: Full‑Stack Security Governance for AI Agents

The article explains how production‑grade AI agents require a full‑stack security framework—covering input sanitization, runtime policy enforcement, output verification, and audit—to mitigate ten OWASP attack surfaces such as prompt injection, tool misuse, memory poisoning, and cascading failures, with practical defense layers and red‑team testing guidance.

AI agentsLeast AgencyMemory Poisoning

0 likes · 14 min read

Beyond Prompt Guardrails: Full‑Stack Security Governance for AI Agents

Black & White Path

Mar 30, 2026 · Information Security

OWASP Top 10 Risks for LLMs Every AI Security Beginner Must Know

The article outlines the OWASP Top 10 threats for large language model applications—including prompt injection, data leakage, supply‑chain attacks, model poisoning, improper output handling, excessive agency, system prompt leakage, vector embedding weaknesses, misinformation, and unbounded consumption—plus three essential mitigation rules for newcomers.

AI securityLLMOWASP

0 likes · 6 min read

OWASP Top 10 Risks for LLMs Every AI Security Beginner Must Know

Woodpecker Software Testing

Jan 21, 2026 · Information Security

The OWASP LLM Top 10: Key Security Risks and Mitigation Strategies

The OWASP LLM Top 10 outlines the most critical security and risk vulnerabilities in large language model applications, describing each threat—from prompt injection to model theft—its potential impact, and recommended defense principles such as secure development lifecycles, defense‑in‑depth, least‑privilege, human‑in‑the‑loop, and continuous monitoring.

AI SafetyLLM SecurityOWASP

0 likes · 8 min read

The OWASP LLM Top 10: Key Security Risks and Mitigation Strategies

FunTester

Jun 26, 2024 · Information Security

Mastering Web Application Penetration Testing: Methods, Types, and Best Practices

Web application penetration testing is a systematic security assessment that identifies vulnerabilities such as SQL injection, XSS, CSRF, insecure authentication, and file‑upload flaws, using methods ranging from black‑box to manual testing, and follows best practices like OWASP guidelines to protect data, privacy, and system integrity.

OWASPWeb Securityinformation security

0 likes · 11 min read

Mastering Web Application Penetration Testing: Methods, Types, and Best Practices

Software Development Quality

May 15, 2024 · Information Security

How APKDeepLens Scans Android Apps for OWASP Top 10 Vulnerabilities

APKDeepLens is a Python‑based tool that automatically scans Android APK files for security flaws, covering the OWASP Top 10 mobile risks and providing detailed, actionable reports for developers, pentesters, and security researchers.

APKOWASPPython

0 likes · 4 min read

How APKDeepLens Scans Android Apps for OWASP Top 10 Vulnerabilities

DevOps

Jun 27, 2023 · Information Security

From DevOps to DevSecOps: Understanding Threats, Security Practices, and Using Microsoft Threat Modeling Tool

This article explains how DevSecOps extends DevOps by embedding security throughout the software lifecycle, discusses common threats such as SQL injection and broken access control, outlines the Security Development Lifecycle, and provides a step‑by‑step guide to using Microsoft Threat Modeling Tool for proactive risk mitigation.

DevSecOpsMicrosoftOWASP

0 likes · 20 min read

From DevOps to DevSecOps: Understanding Threats, Security Practices, and Using Microsoft Threat Modeling Tool

HomeTech

Dec 28, 2021 · Information Security

SQL Injection Vulnerability Analysis and Defense Strategies

This article provides a comprehensive analysis of SQL injection vulnerabilities, covering their principles, testing tools, repair methods, and defense strategies, with practical implementation guidance for secure web application development.

Database SecurityOWASPParameterized Queries

0 likes · 15 min read

SQL Injection Vulnerability Analysis and Defense Strategies

360 Tech Engineering

May 24, 2019 · Information Security

Understanding SQL Injection: Types, Techniques, and Defenses (OWASP Top 10)

This article explains the fundamentals of injection attacks, focuses on SQL injection as part of the OWASP Top 10, classifies injection vectors by data type, submission method, and impact, and provides concrete examples and defensive measures to protect web applications.

Blind SQL injectionDatabase SecurityInjection attacks

0 likes · 9 min read

Understanding SQL Injection: Types, Techniques, and Defenses (OWASP Top 10)

JavaScript

Oct 31, 2017 · Information Security

Understanding OWASP Top 10: Key Web Security Risks and Mitigation Strategies

The OWASP Top 10 project ranks the ten most critical web application security risks by analyzing threats, vulnerabilities, technical impact, and business consequences, offering developers, testers, and security teams actionable guidance to improve risk awareness and implement focused protection measures.

Application SecurityOWASPTop 10

0 likes · 2 min read

Understanding OWASP Top 10: Key Web Security Risks and Mitigation Strategies

Architects Research Society

Nov 24, 2015 · Information Security

Understanding Common Web Application Attacks and the OWASP Top 10

The article explains how modern web and cloud‑based applications are increasingly exposed to a range of application‑layer attacks—including injection, XSS, broken authentication, and insecure redirects—while highlighting OWASP’s Top 10 list, the importance of secure development practices, and IBM’s educational webinar series.

OWASPSecure CodingWeb Security

0 likes · 10 min read

Understanding Common Web Application Attacks and the OWASP Top 10