Categories
Are My Coins Safe?
Are my coins safe? Cybersecurity in cryptocurrencies. The world of technology is evolving rapidly, and one of the most exciting innovations is cryptocurrency, led by Bitcoin. It’s being hailed as a game-changer in global finance, with the potential to transform how we trade and exchange money. But before diving in, it’s important to understand the […]
Automate infrastructure securely with Ansible
In this article, we’ll explore how Ansible can automate your infrastructure. At Avatao, we champion infrastructure-as-code, where setup tasks, configuration, and access management are all coded for consistency and reduced human error. This approach ensures changes are reproducible and auditable, while leveraging tools like version control and automated testing for […]
Best practices to prevent IDOR vulnerabilities
Insecure Direct Object Reference (IDOR) is a vulnerability that can lead to a cyber attack. Without the user’s permission, URL parameters or form field data are changed to provide different resources than intended. IDORs occur in “Direct Object References”, which are web-application designs where controlled resources are identified as […]
Broken Access Control
In this article we cover examples of broken access control, how to find it in your application and possible consequences. Access control, or authorization, defines how a web application determines which resources users can access and which ones they cannot. These resources mostly fall into two categories: sensitive data, which should only […]
Deep dive into the Equifax breach and a Struts vulnerability
You’ve probably read about the Equifax breach and the Apache Struts vulnerability in NY Times, in Bloomberg or somewhere else. The breach resulted in the leakage of 143 million user profiles, including Social Security numbers, birthdates and addresses. Needless to say that these are very […]
Deserialization vulnerabilities in Java
Understanding serialization and deserialization vulnerabilities is the first step toward building secure applications. For most developers, it’s a challenge to find the right balance between coding securely and meeting other objectives like tight deadlines. This often results in products that are vulnerable to deserialization attacks which would be otherwise difficult to […]