Skip to main content
The 2026 Annual Developer Survey is live— take the Survey today!.

Explore our questions

Score of 0
0 answers
10 views

Web security, binding session to user properties

Score of 3
1 answer
208 views

What's the best way to verify the coverage and effectiveness of a DAST scan?

Score of 4
1 answer
921 views

Kinsing Malware entering via compromised Dockerhub Images?

Score of 113
12 answers
45376 views

Why do sites implement locking after three failed password attempts?

Score of 1
1 answer
789 views

Microsoft 2FA triggered without password?

Score of 0
1 answer
274 views

openssl and pluggable engine digests

Score of -1
2 answers
81 views

Computers don't have reliable time information when booting. So why don't we ignore the expiry date on Secure Boot certificates?

Score of 1
2 answers
835 views

execute command in go without storing the command in a .exe file

Score of 2
2 answers
410 views

If a mobile app pins the Root Authority Certificate of a server and verifies its hostname, is it possible an attack via DNS-poisoning?

Score of 1
2 answers
84 views

Why is the Linux sudo model non-compliant with Cyber Essentials account separation requirements?

Score of 111
5 answers
28645 views

What kinds of encryption are _not_ breakable via Quantum Computers?

Score of 1
1 answer
3655 views

Credentialed scanning through SSH tunnel

Score of 1
1 answer
451 views

URL rewrite spoofable

Score of 1
1 answer
1332 views

Kerberos Encryption and Decryption

Browse more Questions