Intesar's blog

If you have not tested your APIs against a vulnerability type, it is least likely you're protected against the exploit. If you don't understand a vulnerability type, it is least likely you'll be able to mitigate it when it's exploited. If you're not aware of a vulnerability, it doesn't mean you don't have one.

Law No. 1: If there is a vulnerability, it will be exploited. Law No. 2: Everything is vulnerable in some way. Law No. 3: Humans trusts even when they shouldn't. Law No. 4: With innovation comes the opportunity for exploitation. Law No. 5: When in doubt, see Law No. 1.    Most important 3 laws: With innovation comes the opportunity for exploitation. Everything is vulnerable in some way. If there is a vulnerability, it will be exploited.