web application security
Microsoft releases MS11-100 for ASP.NET DoS attack
Today Microsoft released a security bulletin addressing a flaw in ASP.NET that was disclosed early morning yesterday at the Chaos Communication Congress (CCC) in Berlin. …
Top 10 HTML5 threats and attack vectors
Emerging as popular standard to create Rich Internet Applications and competing with technology stacks like Adobe’s Flex/Flash and Microsoft’s Silverlight is …
Free tool exploits SQL injection vulnerabilities
NT OBJECTives announced NTO SQL Invader, a free tool which provides pen testers and developers the ability to quickly and easily exploit and demonstrate SQL Injection …
QualysGuard Web Application Scanning
Yesterday, Qualys released version 2.1 of QualysGuard Web Application Scanning (WAS), which integrates with Selenium to help companies further automate scanning of web …
New version of Qualys web application scanner
Qualys announced a new release of QualysGuard Web Application Scanning (WAS) 2.1 that integrates with Selenium to help companies further automate scanning of web applications …
Effectiveness of web application firewalls
The best defense against web application vulnerabilities and threats is to professionally train Web Application Firewalls (WAFs) and to incorporate Dynamic Application …
Joomla! security bypass weakness and XSS vulnerability
A weakness and a vulnerability have been reported in Joomla!, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site …
Framework for analyzing web-based threats
Wepawet is a framework for the analysis of web-based threats. It uses a composition of tools and techniques to execute, trace, analyze, and characterize the activity of code …
Secure access to Office 365 cloud-based web applications
RSA SecurID can now be integrated with the Windows Active Directory Federation Services 2.0 (AD FS 2.0). This integration can enable organizations to provide secure user …
Web application security vulnerabilities and strategies
The use of web applications has soared recently, due to the significant value they can add to enterprises by providing innovative ways to interact with customers. However, so …
Testing web applications for security flaws
David Hoelzer is the Director of Research, Enclave Forensics and a SANS Trainer. In this interview he discusses web application testing, offers advice for those on the hunt …
Vulnerability management for Web applications
Core Security announced Core WebVerify Web application security software that provides organizations with actionable intelligence and analysis on indisputably critical …