Security Corner:
Subdomain Takeover
By Eric Mann
In a previous issue, we discussed technical debt—the small compromises made by a development team to ship a product. Over time, every team should try to “pay down” this debt by investing time in refactoring, shoring up unit/integration tests, and conducting deeper code audits. Not every form of technical debt is code-related, though. Infrastructure-related debt can accrue as well and be an enticing target for would-be attackers. This month, we take a look at one such exploit: subdomain takeovers.
This article was originally published in the October 2018 issue of php[architect] magazine. To read the complete article please subscribe or purchase the complete issue.
Leave a comment
Use the form below to leave a comment: