web application security
Free tool exploits SQL injection vulnerabilities
NT OBJECTives announced NTO SQL Invader, a free tool which provides pen testers and developers the ability to quickly and easily exploit and demonstrate SQL Injection …
QualysGuard Web Application Scanning
Yesterday, Qualys released version 2.1 of QualysGuard Web Application Scanning (WAS), that integrates with Selenium to help companies further automate scanning of web …
New version of Qualys web application scanner
Qualys announced a new release of QualysGuard Web Application Scanning (WAS) 2.1 that integrates with Selenium to help companies further automate scanning of web applications …
Effectiveness of web application firewalls
The best defense against web application vulnerabilities and threats is to professionally train Web Application Firewalls (WAFs) and to incorporate Dynamic Application …
Joomla! security bypass weakness and XSS vulnerability
A weakness and a vulnerability have been reported in Joomla!, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site …
Framework for analyzing web-based threats
Wepawet is a framework for the analysis of web-based threats. It uses a composition of tools and techniques to execute, trace, analyze, and characterize the activity of code …
Secure access to Office 365 cloud-based web applications
RSA SecurID can now be integrated with the Windows Active Directory Federation Services 2.0 (AD FS 2.0). This integration can enable organizations to provide secure user …
Web application security vulnerabilities and strategies
The use of web applications has soared recently, due to the significant value they can add to enterprises by providing innovative ways to interact with customers. However, so …
Testing web applications for security flaws
David Hoelzer is the Director of Research, Enclave Forensics and a SANS Trainer. In this interview he discusses web application testing, offers advice for those on the hunt …
Vulnerability management for Web applications
Core Security announced Core WebVerify Web application security software that provides organizations with actionable intelligence and analysis on indisputably critical …
BackTrack adds RandomStorm WordPress scanner
RandomStorm’s WPScan, the free WordPress security scanner, has been added to the latest version of BackTrack. BackTrack is an open source operating system that provides …
Pligg CMS multiple XSS vulnerabilities
Multiple vulnerabilities have been discovered in Pligg CMS, which can be exploited by malicious people to conduct cross-site scripting attacks, according to Secunia. 1. Input …
Featured news
Resources
Don't miss
- Lessons for organizations from the Verizon 2026 Data Breach Investigations Report
- OpenHack: Open-source AI-powered vulnerability research
- Boards want cyber risk in dollars, not CVE counts
- $20 per zero-day is already the WordPress plugin reality
- Deleted Google API keys keep working for up to 23 minutes, researchers warn