Content Security Policy (CSP) is the number one defensive technology in modern web applications. Many developers add ajax.googleapis.com to CSP definitions, because they use libraries from this very popular CDN in their web…
A race condition attack is one of the most dangerous and underestimated attacks on modern web applications. It’s related to concurrency and multithreading. As a result of this attack an…
We are back with some training for you in December. Check out these amazing courses!
PDF files are everywhere and they can be used to hack your web application. Imagine that the attacker prepares a malicious PDF file which steals sensitive data from a user….
We’ve got an amazing year ahead with 5 events across the UK. Our first training session this March is in London, where we’re running 5 different training courses over two…
Update: Talks and workshops are on the 44CON Hootenanny page and tickets are now available! From the 2nd to the 5th of December we’re running 4 days of high-end training…
We have a fantastic week planned from June 4th – 7th with training, a 44CONnect evening and of course hanging out with our friends at BSides London. If you want…
My 44CON Cloud Security and DevSecOps training course this June includes AWS, Azure and GitHub accounts which the students use so they don’t need to create their own. As I described in Part 1,…
My 44CON Cloud Security and DevSecOps training course this June includes AWS, Azure and GitHub accounts which the students use so they don’t need to create their own. As I described in Part…
This is a guest post by one of our trainers, Paul Schwarzenberger. Paul is running the fantastic Cloud Security and DevSecOps training course this June. He also has a blog…
44CONnect is an invite-only event taking place on the 6th of June, somewhere in London. The purpose of the day is to bring together people attending 44CON training, so they…