Top 10 Tips to Protect Against OWASP Top 10 Vulnerabilities

OWASP Top 10 vulnerabilities is a list of the 10 most common security vulnerabilities in applications. The Top 10 OWASP web application security vulnerabilities are updated every 3-4 years. Last.

Imperva® Opens the first dedicated DDoS scrubbing center in Santiago, Chile

Imperva is excited to be further expanding our presence in Latin America by launching a new Point of Presence (PoP) in Santiago, Chile, in partnership with leading Chilean Telecommunications provider Entel Corporations. Located within Entel’s gold-stan…

Benefits of Building a Multi-prong Mousetrap for WAF Policies with ML

The reason for buying a market-leading Web Application Firewall (WAF) is to protect your website and web applications from malicious attacks, and to comply with industry or regional data and privacy standards. In addition to the typical OWASP Top 1…

SQL Injection, XSS, and RCE Top List of Vulnerabilities in Internet-facing Applications

A new report on the top vulnerabilities in internet-facing applications in 2020 was released recently by Edgescan, and found that 42% of the vulnerabilities found in these apps are SQL Injection vulnerabilities.

Using Components with Known Vulnerabilities

When an organization has a breach, you would like to imagine that the attacker crafted a new exploit, leveraging a zero-day vulnerability that no one has any protection against. However, it is far more likely that the attacker exploited well-known vuln…

Combating the Continuous Development of Vulnerable Software

Most people in our industry know what the acronym CVE means. For those that may not, CVE stands for Common Vulnerabilities and Exposures. According to their website, CVE was launched in 1999 as a list of common identifiers for publicly-known cybersecur…

New OWASP List Highlights API Security Holes

OWASP this month released a top ten list focused on application programming interfaces (APIs). The list summarizes the new vectors that attackers use today to breach APIs, and is intended to serve as an awareness document to highlight the security ris…

The Three R’s of Software Supply Chains: Reject, Replace, and Respond

A great article from 2016 came up in a recent conversation. This article has come up a few times in my conversations about DevSecOps since it was first published. Justin Smith’s The Three R’s of Enterprise Security: Rotate, Repave, and…

5 Steps to Integrate SAST Tools with DevSecOps

Static application security testing, or SAST, is the process of testing source code to find security defects and vulnerabilities in the code. In the application security assurance program, SAST is performed to identify and remove all security v…