web application security
Open source Sleepy Puppy tool finds XSS bugs in target apps and beyond
Since Monday, security pros can add another XSS-finding tool to their arsenal, as Netflix has open sourced their cross-site scripting payload management framework dubbed …
How to get better at web application security
Robert Hansen, Vice President of WhiteHat Security Labs, has more than 20 years of web application and browser security experience. In this interview he discusses the …
Script injection vulnerability discovered in Salesforce
Elastica discovered an injection vulnerability in Salesforce which opened the door for attackers to use a trusted Salesforce application as a platform to conduct phishing …
CDNetworks to showcase Cloud Security 2.0 at Black Hat USA 2015
CDNetworks, the global content delivery network (CDN), will showcase Cloud Security 2.0 this week at Black Hat USA 2015, Booth IP29. Cloud Security 2.0 includes intelligent, …
Best practice application security: Does it exist?
Unfortunately and unsurprisingly, website breaches have become an everyday occurrence. In fact, hacked websites have become so common that typically only the biggest data …
Nearly all websites have serious security vulnerabilities
A new Acunetix report on 5,500 companies comprising 15,000 website and network scans, performed on over 1.9 million files, finds nearly half of the web applications scanned …
Akamai and Trustwave unite to protect businesses from online threats
Akamai Technologies, provider of content delivery network services, and managed security services firm Trustwave announced at Infosecurity Europe 2015 a new strategic alliance …
Companies stay vulnerable to web attacks for far too long
While no true security best practices exist, the key is in identifying the security metrics that mean the most to the organization and focusing on those activities to …
DDoS attacks double, old web application attack vectors still active
Akamai Technologies analyzed thousands of DDoS attacks as well as nearly millions of web application attack triggers across the Akamai Edge network. A surge in DDoS attack …
Millions of WordPress sites risk hijacking due to flaw in default theme
Guess what? Unless your site is hosted by one of 11 specific web hosts, it’s time to patch your WordPress installation again! Netsparker researchers have recently …

Qualys takes step towards complete automation of web app security
Qualys announced Qualys Web Application Firewall (WAF) version 2.0 that comes fully integrated with the Qualys Web Application Scanning solution (WAS). Presented at RSA …

Radware launches hybrid cloud based WAF service
Cyber attacks remain a persistent threat and have become sophisticated in size and scope. DoS, SQL injections and cross-site scripting are the most common web attack vectors, …