SQL injection is the insertion or injection of a SQL query via input data from the client to the application. Successful attacks can lead to an attacker accessing sensitive data from the database, modifying database data, potentially shutting the database down or issuing other admin commands, recovering the contents of…
A quick and dirty guide to some of the most commonly asked interview questions in entry-level security jobs. What's the difference between an allowlist and a denylist?Allowlist: Everything is denied access, except items which are on the list. For example, a company might compile a list of all authorized…
It's January, which means for a lot of people, it's New Year's Resolution time. Personally, I've never liked the idea of waiting until January to set resolutions for change, but I do like using it as a chance to review what I've accomplished in the last year and set goals…
Bug bounty programs allow independent security researchers to report bugs to an organization and receive rewards or compensation. These bugs are usually security exploits and vulnerabilities, though they can also include process issues, hardware flaws, and so on. The reports are typically made through a program run by an independent…
Often in technology, we assume that everyone else is as excited about our product as we are. This tends to be a problem across the board in the tech sector (and even amongst teams, like security and developers, or operations and developers). There's a reason that DevOps and DevSecOps were…
Cover letters, like résumés, are hard. And most people are bad at them. This makes sense – you probably only write a cover letter or résumé every few years. It involves selling yourself and your skills, which is something most people struggle with. On top of this, it's difficult to sort…
Job hunting is hard. It's not something you ever get comfortable with, because you typically don't do it often enough to get good at it. There's also A LOT of bad advice on the internet about how to job hunt. Because it can be difficult to figure out which resources…
Résumés are hard. And most people are bad at them — which makes sense, because you probably only write or update your résumé every few years. It involves selling yourself and your skills — something most people struggle with. On top of this, it’s difficult to figure out how to sort…
