Adrian Hayter is an information security professional with over 10 years of experience developing and breaking web applications. He currently works as a senior penetration tester on Veracode’s MPT team. Adrian also has experience in network penetration testing, and has a keen interest in the Internet of Things (IoT) as well as the development of exploits and security tools. He received a BSc and MSc in Computer Science and Information Security from Royal Holloway, University of London.
- Security Can Be Complicated. Session Management Doesn’t Have To Be. (July 18, 2017 | Secure Development)
While performing a manual penetration test recently, I encountered a session management system that flew in the face of almost all the recommended security practices. Rather than use a pre-built implementation associated with a development framework, the developers had written one from scratch that, among other things: Generated session tokens based on the user ID and numeric counters. Appended…