Fractional CISO | Penetration Testing | Training | AWS Security
Jemurai is a security company with deep experience in both application development and security.
Use our platform to continuously check the security of your systems.
We teach leaders and developers about security in fun, hands-on, language-relevant training with online reinforcement.
Introduction: Almost every time we do a penetration test or code review, we find problems with authorization. Sometimes we call these horizontal or vertical privilege escalation. Sometimes we call it instance-based restriction gaps or function-based restriction gaps. Ultimately, many applications fail to implement clear restrictions on who can do what. This post attempts to revisit these […]
Introduction: Redshift is Amazon’s data warehousing solution. Here’s how they describe it at: https://aws.amazon.com/redshift/. Redshift delivers ten times faster performance than other data warehouses by using machine learning, massively parallel query execution, and columnar storage on high-performance disk. You can setup and deploy a new data warehouse in minutes, and run queries across petabytes of data […]
Introduction: The X-XSS-Protection header only helps protect against certain reflected XSS attacks. It does nothing for stored XSS attacks. Don’t rely on it to protect your site from XSS! What it can do: Block reflected XSS attacks. Reflected XSS occurs when a malicious query parameter in a page’s URL is rendered unsanitized on the page. The […]