Posts

Showing posts with the label allari

Know The Difference Between XSS vs CSRF

Cross-site scripting (XSS) and cross-site request forgery (CSRF) are very common client-side attacks against web applications. While XSS executes scripts on the victim’s machine to gain the user’s privileges, CSRF forges requests on the victim’s behalf. It’s safe to say that XSS exploits the browser’s trust in a legitimate website, while CSRF takes advantage of the website’s trust in the user’s browser. What is a cross-site request? Cross-site requests are meant to make websites dynamic, so that websites can embed content from other pages. For example, online advertisements use cross-site requests to display images from Amazon, eBay, or other shopping sites. How does CSRF work? CSRF is a type of malicious exploit that forges and sends an HTTP request to a target website through the user’s machine. An open session on the target website is needed to perform this attack, so that the forged request is sent along with the session cookie. The HTTP request can be triggered using HTML tags or javasc...

Top Three ERP Security Problems And How To Avoid Them

Protecting your ERP data, whether it be from SAP, Oracle or Microsoft, is not a topic that should be taken lightly. Securing your SAP ERP system is crucial for the success of your business. ERP data is valuable and can easily pose the risk of a security breach. Often, enterprises feel that cybersecurity detracts from and disrupts their workflows, leading them to fail to protect their business. Let's take a look at some of the most common ERP system security issues so that if anything happens, you know how to keep your ERP and the data within it protected and well maintained. Lack of Employee Training and Upkeep: Frequently, ERP system users are not well trained, which makes them the principal security risk. Having an ongoing training schedule should be a high priority. Employees should be briefed about ERP updates regularly. Investing time and money in cybersecurity measures and technology won't be enough if your employees don't know how to use the system securely. Overl...