A few weeks ago, a friend from South Africa reached out about a company struggling with their website’s security. We set up a virtual meeting with their management and developer to understand the issue.
I proposed a full Web Application Penetration Test and Vulnerability Assessment, backed by proper documentation. I gave them a 10-working-day timeline—based on my initial review—to deliver a detailed report and Proof of Concept (PoC).
Using the OWASP Top 10, I categorized all findings and delivered the report early. We later had a Zoom session where I broke down the vulnerabilities in plain terms so management could fully understand the risks.
Key lesson:
Devs shouldn’t only focus on payment alerts (“gbagaun”)—your priority should also be protecting users and the company that trusts you.
To Developers:
How do you secure client data in your web/app projects?
To Cyber Pros:
Have you dealt with devs who ignore security? How did you address it?
Let’s share experiences. We all have a role in making the web safer.





























