56,280 questions
Score of 0
0 answers
33 views
How to implement an mTLS client within an Electron app?
I am working on an Electron app that interacts with its backend via an API secured with mTLS.
But at our project we don't have a CA. A privkey/certificate pair was generated once and now every client ...
Score of -3
0 answers
51 views
Why Feroxbuster tool is just showing 403 always [closed]
Why is the Feroxbuster tool just showing 403 on all URLs, specifically 500 and 404 URLs?
When I just come to try the URL, the response comes from Burb or from the request library is 404 or mostly 500.
...
Score of 1
1 answer
42 views
How and where mnemonic/private keys are generated/stored in IOS for mobile non-custodial wallet [closed]
I am trying to understand how and where non-custodial wallets store private keys.
By reading the following secure enclaves article, it says:
Software wallets on mobile or desktop keep keys encrypted ...
Advice
0
votes
1
replies
97
views
To block a manual wipe in android
If I installed my app on system and Enrolls as Device Owner at setup
Blocks factory reset via DevicePolicyManager restrictions (DISALLOW_FACTORY_RESET)
Disables USB debugging (...
Advice
0
votes
0
replies
40
views
External data sharing onelake security
I'm looking for some clarification on how OneLake Security is intended to work with External Data Sharing.
The Microsoft documentation states that an external data share creates a read-only OneLake ...
Best practices
3
votes
2
replies
125
views
how to protect PC against supply chain attacks?
Trying to hear about different patterns/methods users protect their systems against opportunistic supply chain attacks on their PCs, not servers.
One major exposure that I -- and I assume many others -...
Advice
2
votes
1
replies
139
views
Where to learn agentic AI systems and cybersecurity with aligning with the latest trend
I want to learn Agentic AI systems and Cybersecurity using a project-based approach rather than only theory.
I am interested in:
AI agents and agentic workflows
Multi-agent systems
RAG (Retrieval-...
Score of 1
1 answer
112 views
Is it possible to get PasswordEncoder bean from UserDetailsService bean?
Probably most of the Spring Boot applications developers know it and use it in their WebSecurityConfigurerAdapter extensions:
@Override
public void configure(AuthenticationManagerBuilder auth) throws ...
Advice
2
votes
5
replies
136
views
Cybersecurity advice
I've been working towards learning cybersecurity....And as i learned I found that this is a very interesting topic and I became addicted to it...I am a btech student so I know the basics of networking,...
Best practices
0
votes
0
replies
68
views
Security Maturity Reduction Value in Cybersecurity Risk Assessment
What is the recommended methodology for calculating Security Maturity Reduction Value during a Cybersecurity Risk Assessment for critical infrastructure, and how should it be incorporated into overall ...
Advice
1
vote
2
replies
119
views
AWS-SSM vs SSH (security)
There's been a recent argument being made that SSM is safer (or more secure) than SSH. While this may be true for very specific cases, I tend to disagree with the blanketing statement that SSM is ...
Advice
0
votes
1
replies
86
views
Is Spring Security 5.2.9.RELEASE affected by CVE-2026-22732?
Hello Spring Security team,
I have a question regarding CVE-2026-22732.
According to the advisory, the affected versions are listed as:
5.7.0 through 5.7.21
5.8.0 through 5.8.23
6.3.0 through 6.3....
Advice
0
votes
3
replies
92
views
Frontend vs. Backend for simple unit conversion logic (UX & Security best practices)?
I'm implementing an area unit conversion tool on a website. Users will input a value in "Ping" (a local area unit, 1 ping ≈ 3.3058 m²), and the page will convert it to square meters and ...
Best practices
2
votes
1
replies
79
views
What does a practical implementation of authentication for an internal company app look like?
I'm working on architecting an internal app for my company that will have a separate frontend and backend and will use our IdP (Okta) for login. My initial idea is to have frontend have users log in ...
Best practices
1
vote
12
replies
166
views
Generate x509 Certificate in Java
I'm looking for a free Java code to generate an in-memory x509 security certificate v.3, not a certificate file on the disk. Should support extensions and RSA algo.
I need a low-level Java code, ...