SSRF-Vulnerabilities-KrishnaG-CEO

OWASP Top 10 API Security Risks – 2023: API7:2023 – Server-Side Request Forgery (SSRF)

SSRF vulnerabilities occur when an API fetches a remote resource using a user-supplied Uniform Resource Identifier (URI) without adequate validation. This oversight allows attackers to manipulate the request, coercing the server to interact with unintended destinations. These attacks bypass traditional network controls like firewalls and VPNs, making them particularly insidious.

Container Escapes: An Executive Guide to Mitigating Container Security Risks

A container escape occurs when an attacker exploits a security gap within the container to break out and access the host system. This escape can involve taking advantage of:

– Vulnerabilities in the containerisation software.
– Misconfigurations in permissions or settings.
– Insecure images that may contain malware or backdoors.