Cyentia Cybersecurity Research Library

CSRF

Below you will find reports with the tag of “CSRF”


Hacker-Powered Security Report: Industry Insights '21

HackerOne’s Hacker-Powered Security Report: Industry Insights leverages data from real-world vulnerability reports to provide insight into the fastest-growing vulnerability categories, how bounty prices are changing year over year, and which industries are fastest to fix. The most innovative CISOs stay ahead of cybersecurity threats and mitigate vulnerabilities by augmenting internal teams and security testing tools with a skilled and engaged hacking community.

Added: May 22, 2024

State of Software Security v11: Open Source Edition

Get best practices on managing your open source libraries in our State of Software Security v11: Open Source Edition report. Based on 13 million scans of more than 86,000 repositories, SOSS v11: Open Source Edition gives you a unique perspective on the open source libraries in codebases today, how organizations are managing the security of these libraries, and best practices on using open source code securely.

Added: June 22, 2021

2019 Year in Review: ICS Vulnerabilities

The findings in this report are a comprehensive look at ICS vulnerability statistics, including how they affect industrial control networks and whether appropriate mitigation is provided alongside the published advisories. Dragos identifies errors in the vulnerability scores associated with public reports, a critical part of our vulnerability assessments. By identifying and updating errors in vulnerability scores, Dragos vulnerability assessments help asset owners and operators better prioritize and manage patching and update procedures.

Added: March 1, 2020

The state of JavaScript frameworks security report 2019

This report covers: the security practices of each of the two core projects, Angular and React; the state of security of each of the two module ecosystems, based on an in-depth look at the vulnerabilities contained in each ecosystem; the security practices of other common JavaScript frontend framework alternatives such as Vue.js, Bootstrap and jQuery; and the significant security differences between the alternatives, particularly between Angular and React.

Added: February 12, 2020

2016 Vulnerability Statistics Report

This document discusses the vulnerabilities discovered by edgescan™ over the past year, 2016. The vulnerabilities discovered are a result of providing “Fullstack” continuous vulnerability management to a wide range of client verticals, from small businesses to global enterprises, and from telecoms and media companies to software development, gaming, energy and medical organisations. The statistics are based on the continuous security assessment and management of over 57,000 systems distributed globally.

Added: October 26, 2018

JWT Handbook

Ever wondered how JWT came to be and what problems it was designed to tackle? Are you curious about the plethora of algorithms available for signing and encrypting JWTs? Or are you interested in getting up-to-speed with JWTs as soon as possible? Then this handbook is for you.

Added: October 20, 2018

March 2018 AppSec Intelligence Report

This monthly report details Application Security observations from March 2018.

Added: October 20, 2018

Network Attached Security Attacking A Synology NAS

Network-Attached Storage (NAS) devices are a popular way for people to store and share their photos, videos and documents. Securing these devices is essential as they can contain sensitive information and are often exposed to the Internet. Because Synology is one of the top manufacturers of NAS devices, this paper analyzes a Synology DS215j and, in doing so, identifies a number of exploitable security flaws. The authors discuss in detail the analysis performed, methodologies used, and vulnerabilities found during the summer of 2015.

Added: October 18, 2018

Authentication Survival Guide

This book aims to be an accessible starting point for everyone that is starting to work with authentication. In this book, you’ll find a concise review of all the key protocols, formats, concepts and terminology that you’ll likely come across when implementing authentication.

Added: October 17, 2018

Cross-Protocol Request Forgery

This whitepaper formalizes a class of attacks called Cross-Protocol Request Forgery (CPRF) which enables non-HTTP listeners to be exploited through Cross-Site Request Forgery (CSRF) and Server-Side Request Forgery (SSRF). This paper both references existing research and expands upon it in later sections.

Added: October 15, 2018

The State of Bug Bounty 2016

This is an annual report that provides an inside look into the economics and emerging trends of bug bounties, with data collected from Bugcrowd’s platform and other sources throughout 2016. This report is published on a yearly basis for CISOs and other security decision makers to provide a transparent look at the evolving bug bounty market.

Added: October 14, 2018

2017 State Of Bug Bounty Report

This report mines that data and details to provide an inside look at the economics and emerging trends of managed bug bounty programs.

Added: October 13, 2018
© Cyentia Institute 2025
Library updated: June 27, 2025 08:08 UTC (build b1d7be4)