Char49

Articles

Check out our recent articles.
06 Oct

API6:2019 Mass Assignment

Fast-paced development environments or unclear business or functional requirements make developers choose generic implementations: binding client-provided data (e.g. JSON objects) to data models (e.g. those provided by popular ORM/ODM libraries) is, unfortunately, a common pattern that leaves the doo...

By Char49 OWASP OWASP API Security Top 10, OWASP API, OWASP, API, API Security, Mass Assignment, JSON, ORM, ODM, REST API
24 Aug

API3:2019 Excessive Data Exposure

Whether aiming for generic implementations or pressed by a short time-to-market, developers tend to expose all object properties (e.g. JSON), relying on clients (e.g. web front-end or mobile application) to filter the relevant data to render. Quite often such data exposes system internals or personally...

By Char49 OWASP OWASP API, OWASP, API, API Security, API3, Data Exposure, JSON, OWASP API Security Top 10
© Copyright 2023. All Rights Reserved.