web application security
The ultimate fallout from the Facebook data breach could be massive
Less than a week ago, Facebook announced that unknown attackers have managed to string together three bugs affecting the social media platform, which allowed them to steal …
Python-based attack tools are the most common vector for launching exploit attempts
Hackers have an obvious predilection for Python-based attack tools, says Imperva. “When examining the use of Python in attacks against sites we protect, the result was …
Qualys Community Edition: Discover IT assets, manage vulnerabilities, scan web apps
In this podcast recorded at Black Hat USA 2018, Anthony Mogannam, Product Manager, SME/SMB Solutions at Qualys, talks about issues related to open source software and Qualys …
Access misconfiguration opens 3D printers to remote attacks
Spurred by a report coming from a regular reader, SANS ISC handlers Richard Porter and Xavier Mertens searched for OctoPrint interfaces for 3D printers exposed online and …
Data from 316 million real-world attacks in AWS and Azure environments
In evaluating 316 million incidents, tCell found it clear that attacks against the application are growing in volume and sophistication, and as such, continue to be a major …
Same web-based vulnerabilities still prevalent after nine years
Analysis of vulnerabilities discovered by NCC Group researchers over the last nine years found that instances of common web-based vulnerabilities have largely refused to fall …
Automating web app testing to secure your environment
In this podcast recorded at RSA Conference 2018, Dave Ferguson, Director, Product Management for Web Application Security at Qualys, talks about the challenges and benefits of …
Infrastructure-agnostic web app protection with virtual patching option
Signal Sciences announced the latest innovations for its Web Protection Platform. Its patented architecture provides security, operations and development teams with the …
Qualys brings web application security to DevOps
Qualys announced new functionality in its web application security offerings that helps teams automate and operationalize global DevSecOps throughout the Software Development …
Wire shares results of independent security audit of its secure messaging apps
When I last spoke to Alan Duric, co-founder and (at the time) CEO of the company developing secure messaging application Wire, he stressed the importance of independent and …
Security company Fox-IT reveals, details MitM attack they suffered in September
Dutch IT security consultancy/service provider Fox-IT has revealed on Thursday that it has suffered a security breach, which resulted in some files and emails sent by the …
Bot-driven web traffic and its application security impact
New research conducted by the Ponemon Institute, which focused on such highly targeted industries as retail, healthcare and financial services, exposes the proliferation of …