web application security
The Web Application Hacker’s Handbook, 2nd Edition
Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise …
Web attacks peak at 38,000 an hour
Web applications are subject to business logic attacks, according to a report by Imperva. Imperva monitored and categorized attacks across the internet targeting 40 different …
Global view into application usage
New research published by Palo Alto Networks indicates explosive growth in global social networking and browser-based file sharing on corporate networks, with a 300 percent …
Arachni: Web application security scanner framework
Arachni is an open source Web application security scanner framework, a modular framework that allows fast, accurate and flexible vulnerability assessment. In order to …
Over 1M pages compromised in massive SQL injection attack
At the beginning of December researchers from the Internet Storm Center spotted a relatively limited SQL attack – about 80 affected pages – redirecting visitors of …
Security solution on Amazon Web Services
Check Point announced its security gateways are now available to customers through Amazon Web Services (AWS), enabling organizations to extend their security to the cloud with …
Microsoft releases MS11-100 for ASP.NET DoS attack
Today Microsoft released a security bulletin addressing a flaw in ASP.NET that was disclosed early morning yesterday at the Chaos Communication Congress (CCC) in Berlin. …
Top 10 HTML5 threats and attack vectors
Emerging as popular standard to create Rich Internet Applications and competing with technology stacks like Adobe’s Flex/Flash and Microsoft’s Silverlight is …
Free tool exploits SQL injection vulnerabilities
NT OBJECTives announced NTO SQL Invader, a free tool which provides pen testers and developers the ability to quickly and easily exploit and demonstrate SQL Injection …
QualysGuard Web Application Scanning
Yesterday, Qualys released version 2.1 of QualysGuard Web Application Scanning (WAS), that integrates with Selenium to help companies further automate scanning of web …
New version of Qualys web application scanner
Qualys announced a new release of QualysGuard Web Application Scanning (WAS) 2.1 that integrates with Selenium to help companies further automate scanning of web applications …
Effectiveness of web application firewalls
The best defense against web application vulnerabilities and threats is to professionally train Web Application Firewalls (WAFs) and to incorporate Dynamic Application …