Audits Top 10

[InDepth#17] Let's dive deep into the wonderful world of storing environment variables safely, looking at the different options Laravel supports and…
[Tip#48] We write tests for everything else, so why not write tests for authorisation as well?
[Tip#47] Setting up a CSP doesn't have to be a daunting task! Let's take a look at tips for getting started with CSPs, without breaking anything!
[Tip#46] Security headers add important layers of defence to your apps, preventing data leaks, XSS and CSRF attacks, clickjacking, and more... Why are…
[InDepth#16] According to random folks on the internet (i.e. social media), "insecure functions" are a wide and varied concept. Let's take a look at the…
[Tip#45] The more dependencies your project has, the higher your risk of a supply-chain attack is, and the less you're aware of what code is actually…
[Tip#44] Check out that one simple trick... I mean... This is my favourite way to avoid XSS.
[Tip#43] It's essential for limiting bot attacks, and don't forget it on other sensitive routes like authentication...
[InDepth#15] There is a false confidence about mass-assignment vulnerabilities that hides how easy it is for them to occur and be exploited...
[Tip#42] Validating single values is easy, but what about arrays?