The Hidden Danger of Leftover Installation Files: A Critical Security Misconfiguration
Introduction
In the rush to deploy web applications, developers and system administrators sometimes overlook a critical post-installation step: removing installation files. This seemingly minor oversight can have catastrophic consequences, potentially granting attackers complete control over your application.
This vulnerability, classified in the OWASP Top 10:2025 as A02: Security Misconfiguration, affects countless web applications worldwide. In 2025, security researchers discovered that 100% of applications tested had some form of misconfiguration, with leftover installation files being one of the most commonly exploited vectors.
API Security: Understanding and Preventing Access Control Vulnerabilities
Introduction
APIs (Application Programming Interfaces) have become the backbone of modern software architecture. They allow applications to communicate with each other, power mobile applications, and orchestrate microservices. However, this ubiquity makes APIs a prime target for attackers.
Among the most critical and widespread vulnerabilities are Broken Access Control issues, ranked #1 in the OWASP Top 10 2021 and #1 in the OWASP API Security Top 10 2023.
This article explores these vulnerabilities through a practical case, then presents best practices for securing your APIs.
Docker Container Forensics: Understanding Layer Persistence
Introduction
In the world of cybersecurity, digital forensics plays a crucial role in investigating security incidents. With the massive adoption of Docker containers in production environments, understanding how to analyze and investigate these containers has become an essential skill.
This article explores the fundamental concepts of Docker container forensics, particularly how the layered architecture works and its security implications.
What is Container Forensics?
Container forensics is the art of analyzing Docker images and containers to: