web application security
IronBee versus ModSecurity
After spending a couple of weeks talking about IronBee to anyone willing to listen, I have assembled a list of commonly asked questions. Not unexpectedly, the question that …
Most sites are exposed to at least one vulnerability each day
The average website has serious vulnerabilities more than nine months of the year and data leakage has over taken cross site scripting as the most common website …
Free e-book: Web Application Security for Dummies
Qualys announced that it has published a new comprehensive free guide on Web Application Scanning (WAS) to help readers understand web application security – including …
Web application scanning on a new level
Qualys announced the release of QualysGuard WAS 2.0 with several major enhancements to help customers catalog their web applications on a global scale and scan them for …
IronBee: Creating an open source web application firewall
Qualys announced IronBee, a new open source project to provide the next-generation of web application firewall (WAF) technology. Led by the team who designed and built …
400,000 e-mail addresses stolen in Irish job website breach
Names and e-mail addresses of some 400,000 job seekers have been harvested by hackers who have breached the RecruitIreland.com site and its systems. The site has been taken …
Injection attacks tutorial
This episode of the OWASP appsec tutorial series describes the #1 attack on the OWASP top 10 – injection attacks. The video illustrates SQL injection, discusses other …
73% of organizations hacked in the last 2 years
Website attacks are the biggest concern for companies, yet 88 percent spend more on coffee than securing Web applications, according to a survey by Barracuda Networks, Cenzic …
Free guide: Web application security
Vulnerabilities in web applications are now the largest vector of enterprise security attacks. Stories about exploits that compromise sensitive data frequently mention …
Free XSS flaws detection service
Cross-site scripting (XSS) errors are responsible for more than half of all web application vulnerabilities1. So, in this age of accountability and expectations for secure, …
API bug responsible for Zuckerberg page hack
When at first Facebook didn’t issue a statement about what really happened on Mark Zuckerberg’s fan page and how someone managed to post a message in his name …
Riskiest social media applications
The fastest growing threat to corporate networks is web-based social media applications, according to WatchGuard security researchers. These applications can seriously …
Featured news
Resources
Don't miss
- Data-stealing VS Code extensions removed from official Marketplace
- Flawed WordPress theme may allow admin account takeover on 22,000+ sites (CVE-2025-4322)
- What good threat intelligence looks like in practice
- AutoPatchBench: Meta’s new way to test AI bug fixing tools
- Third-party cyber risks and what you can do