appsec – Page 16 – WindowsTechs.com

Are reproducible builds practically possible on major app stores?

Posted on January 17, 2021 by stevec

‘Reproducible builds’ ensure that a published app matches the published open source code. This answer gives some great information on it.
But numerous sources1,2 indicate reproducible builds are very difficult (or even impossible) to imple… Continue reading Are reproducible builds practically possible on major app stores?→

Satisfaction With WAFs at Only 40 Percent

Posted on January 14, 2021 by Timothy Chiu, VP of Marketing

A Ponemon study released in 2019 showed that satisfaction with WAFs (Web Application Firewalls) is at 40 percent, and effectiveness of WAFs rated at only 43 percent.
The post Satisfaction With WAFs at Only 40 Percent appeared first on K2io.
The post Sa… Continue reading Satisfaction With WAFs at Only 40 Percent→

What is Web Application Security and Why is it Important?

Posted on January 7, 2021 by Timothy Chiu, VP of Marketing

If you’re new to web application security and you’re looking for a primer to get yourself educated, there’s a recent article published by the EC Council that covers the basics of what web applications are, why web application security is important.
The… Continue reading What is Web Application Security and Why is it Important?→

35% of External Attacks Occur Through a Web Application

Posted on January 4, 2021 by Timothy Chiu, VP of Marketing

Back in June of 2020 we wrote about Forrester’s new 2020 State of Application Security report. Back then we focused on the finding that application vulnerabilities were the weakest link in application security. In this post, we’ll talk about the find… Continue reading 35% of External Attacks Occur Through a Web Application→

How I can mitigate postMessage exploitation? [closed]

Posted on December 30, 2020 by WhileLoop

I’m trying to mitigate postMessage exploitation like. information leakage, xss etc.. since I can’t solve this with origin (because origin might be problematic).
I might receive/send postMessage to different origins, sometimes it might be e… Continue reading How I can mitigate postMessage exploitation? [closed]→

How I can mitigate postMessage exploitation? [closed]

Posted on December 30, 2020 by WhileLoop

Ten Ways to Ensure Web Application Security

Posted on December 28, 2020 by Timothy Chiu, VP of Marketing

Analytics Insight ran a recent article on the “Ten ways to ensure web application security,” a good reminder that there are many steps an organization can take to ensure security for their web applications in the face of larger numbers of attacks and i… Continue reading Ten Ways to Ensure Web Application Security→

Should a WAF block access to my .ashx content?

Posted on December 26, 2020 by davenport2020

Why or why not? If it’s open to the Internet, are there specific security recommendations around protecting ashx?

Continue reading Should a WAF block access to my .ashx content?→

2021 New Year Resolutions for Web Application Security

Posted on December 21, 2020 by Timothy Chiu, VP of Marketing

As we approach the new year, many of us are hoping for a new normal in 2021, at least something not so crazy as 2020 has been. Traditionally the new year has also meant a time of reflection, and a time to make resolutions for the new year. Here at K2… Continue reading 2021 New Year Resolutions for Web Application Security→

CISO strategy and threats for 2021 [closed]

Posted on December 18, 2020 by dev

Hope this is not off-topic, if yes, please suggest an appropriate forum.
Any CISOs here? How does your daily job looks like? What does CISO do?
What are now the biggest threats to the global 2,000 employees business producing embedded hard… Continue reading CISO strategy and threats for 2021 [closed]→