Any SaaS solution is a n-tier system, and as such, all the tiers should be protected, not only the application layer. If we put all our effort in the application and its code, we might miss important vulnerabilities in other parts of the attack surface.

Continue reading “Any SaaS solution is a n-tier system where all layers have to be protected, not only the application and its code” →