web application security
Radical reduction in online vulnerabilities
WhiteHat Security reviewed serious vulnerabilities in websites during 2011, examining the severity and duration of the most critical vulnerabilities from 7,000 websites across …
Video: Attacking XML preprocessing
Documenting more than a year of research in XML technologies, this talk by Nicolas Grégoire at Hack in The Box 2012 Amsterdam details security implications of the XML format …
Control and measure web application scans
NT OBJECTives announced NTOEnterprise 2.0 which enables organizations to plan, manage, control and measure web application scans and also assess and prioritize areas of …
Vulnerabilities in open source WAF ModSecurity
During our research of web application firewall evasion issues, we uncovered a flaw in ModSecurity that may lead to complete bypass of the installed rules, in the cases when …
Static analysis technology for web application security
Coverity has extended static analysis to deeply understand both source code and modern web application architecture, providing greater accuracy and remediation guidance to …
Create secure web applications with Sentinel Source
WhiteHat Security announced Sentinel Source, a solution for creating secure online applications from inception to launch. With the ability to track source code development for …
LogRhythm and Imperva partner on database and web application security
LogRhythm announced a partnership with Imperva. It includes technical integration that enables Imperva’s SecureSphere solution to feed data to LogRhythm’s SIEM 2.0 …
Guard your website against malicious activity with WebsiteDefender
Acunetix released WebsiteDefender, an online security monitoring service which helps you secure websites against malware and hacker activity. Google’s security blog …
Web Application Security, A Beginner’s Guide
Web Application Security, A Beginner’s Guide imparts the hard-learned lessons and experiences of top security professionals, and provides know-how that can otherwise …
Juniper Networks enhances its Mykonos Web Security software
Juniper Networks announced major platform enhancements to its Mykonos Web Security software. The new release provides 30 new features and enhancements that strengthen …
Kickstarter bug granted access to unlaunched projects
A bug in the private application programming interface (API) of Kickstarter, the popular crowd funding website for creative projects, has exposed details about 70,000 projects …
1,000+ WordPress sites compromised through automatic update feature
More than 1,000 WordPress blogs have been modified to redirect visitors to sites serving malware, affiliate and pay-per-click redirectors, and low quality PPC search result …