<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>application security on Kuldeep Pisda</title><link>https://kdpisda.in/tag/application-security/</link><description>Recent content in application security on Kuldeep Pisda</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Thu, 11 Dec 2025 13:15:36 +0530</lastBuildDate><atom:link href="https://kdpisda.in/tag/application-security/index.xml" rel="self" type="application/rss+xml"/><item><title>10 Penetration Testing Best Practices Your Startup Can't Ignore in 2025</title><link>https://kdpisda.in/10-penetration-testing-best-practices-your-startup-cant-ignore-in-2025/</link><pubDate>Thu, 11 Dec 2025 13:15:36 +0530</pubDate><guid>https://kdpisda.in/10-penetration-testing-best-practices-your-startup-cant-ignore-in-2025/</guid><description>&lt;p&gt;I remember this one client. Their file upload feature seemed totally harmless, but it turned into a gaping backdoor for an attacker. It wasn&amp;rsquo;t some wild zero-day exploit you see in movies; it was a simple misconfiguration that just spiraled out of control. This story is surprisingly common in the startup world. You are building fast, shipping features, and security can feel like a brake pedal you really do not want to press. But what if we thought of it as a seatbelt instead?&lt;/p&gt;</description></item><item><title>Stop Asking "Who Can Do What?" Start Asking "What Can This Role Do?" - A Guide to Role Based Access Control Implementation</title><link>https://kdpisda.in/stop-asking-who-can-do-what-start-asking-what-can-this-role-do-a-guide-to-role-based-access-control-implementation/</link><pubDate>Tue, 09 Dec 2025 12:55:38 +0530</pubDate><guid>https://kdpisda.in/stop-asking-who-can-do-what-start-asking-what-can-this-role-do-a-guide-to-role-based-access-control-implementation/</guid><description>&lt;p&gt;Picture this: it&amp;rsquo;s a quiet Tuesday afternoon. 
Too quiet. A frantic Slack message pops up from a junior developer. &amp;ldquo;Uh, guys&amp;hellip; I think I might have just tried to delete the production database.&amp;rdquo;&lt;/p&gt;
&lt;p&gt;We&amp;rsquo;ve all felt that cold sweat, right? That heart in your throat moment when a simple command goes horribly wrong.&lt;/p&gt;
&lt;p&gt;&lt;picture&gt;
 &lt;source type="image/webp" srcset="https://kdpisda.in/stop-asking-who-can-do-what-start-asking-what-can-this-role-do-a-guide-to-role-based-access-control-implementation/role-based-access-control-implementation-coding-humor_hu_4e037861694a81e5.webp 400w, https://kdpisda.in/stop-asking-who-can-do-what-start-asking-what-can-this-role-do-a-guide-to-role-based-access-control-implementation/role-based-access-control-implementation-coding-humor_hu_d10acadeb26f4b9c.webp 800w, https://kdpisda.in/stop-asking-who-can-do-what-start-asking-what-can-this-role-do-a-guide-to-role-based-access-control-implementation/role-based-access-control-implementation-coding-humor_hu_8b1d603700dd1408.webp 1024w" sizes="(min-width: 46rem) 704px, 100vw"&gt;
 &lt;img src="https://kdpisda.in/stop-asking-who-can-do-what-start-asking-what-can-this-role-do-a-guide-to-role-based-access-control-implementation/role-based-access-control-implementation-coding-humor_hu_82468906c8e10b5a.jpg" srcset="https://kdpisda.in/stop-asking-who-can-do-what-start-asking-what-can-this-role-do-a-guide-to-role-based-access-control-implementation/role-based-access-control-implementation-coding-humor_hu_d67f38ac0a8b9881.jpg 400w, https://kdpisda.in/stop-asking-who-can-do-what-start-asking-what-can-this-role-do-a-guide-to-role-based-access-control-implementation/role-based-access-control-implementation-coding-humor_hu_cdcc33db72c9789d.jpg 800w, https://kdpisda.in/stop-asking-who-can-do-what-start-asking-what-can-this-role-do-a-guide-to-role-based-access-control-implementation/role-based-access-control-implementation-coding-humor_hu_82468906c8e10b5a.jpg 1024w" sizes="(min-width: 46rem) 704px, 100vw"
 width="1024" height="576"
 alt="Sketch of a developer contemplating &amp;lsquo;rm -tf (production)&amp;rsquo; on a laptop at a desk." loading="lazy" decoding="async"&gt;
&lt;/picture&gt;&lt;/p&gt;</description></item></channel></rss>