What I Learned from Scanning Dozens of Small Government Websites (and Why the Same Bugs Keep Coming)

Published 4 months, 1 week ago
Description

This story was originally published on HackerNoon at: https://hackernoon.com/what-i-learned-from-scanning-dozens-of-small-government-websites-and-why-the-same-bugs-keep-coming.
What I found while scanning dozens of small U.S. government websites with an open-source tool — the same five security mistakes and how to fix them.
Check more stories related to cybersecurity at: https://hackernoon.com/c/cybersecurity. You can also check exclusive content about #web-security, #cybersecurity, #govtech-user-experience, #govtech, #opensource, #webdev, #devops, #legacy-cms, and more.

This story was written by: @civicmeshflow. Learn more about this writer by checking @civicmeshflow's about page, and for more stories, please visit hackernoon.com.

I built an open-source scanner and pointed it at small U.S. government websites. The same five security mistakes kept showing up: weak HTTPS, no CSP, leaky test files, insecure cookies and outdated JS – plus a simple baseline to fix them.
