Collaborate Disseminate
Serverless architectures are revolutionizing the way organizations procure and use enterprise technology. Until recently, information security architecture was relatively simple; you built a fortress around a server containing sensitive data, and depl… Continue reading Protecting Applications in a Serverless Architecture
I have a theoretical knowledge about WAF but I do not have knowledge of the tools in the market. I wonder if there are any WAFs that base their decision making through a response from an external resource (true or false) when… Continue reading Web Application Firewall with based on an external decision to detect anomaly
The black swan – a rare and unpredictable event notorious for its ability to completely change the tides of a situation. For cybersecurity, these nightmares can take the form of disabled critical services such as municipal electrical grids and o… Continue reading Protecting Sensitive Data: A Black Swan Never Truly Sits Still
Scenario:
ModSecurity with a “default” or “generic” configuration (like the one that might be provided by shared hosting providers, for example).
Generic web application (custom, uncommon, or unknown), for which specific ru… Continue reading How useful is the default configuration of ModSecurity for a generic web application?
Executives express mixed feelings and a surprisingly high level of confidence in Radware’s 2018 Web Application Security Report. As we close out a year of headline-grabbing data breaches (British Airways, Under Armor, Panera Bread), … Continue reading Are Your Applications Secure?
Septemeber was full of Azure announcements from Ignite, Aidan breaks all the news down so that it is easier to digest.
The post Everything You Need to Know About Azure Infrastructure – September 2018 Edition appeared first on Petri.
Continue reading Everything You Need to Know About Azure Infrastructure – September 2018 Edition
Let’s say that we have arbitrary apache log, something like:
157.55.39.243 – [13/Sep/2018:06:29:29 -0300] “GET /pbh/ecp/comunidade.do?app=financas&pg=5565&tax=37049 HTTP/1.1” 302 275 “-” “Mozilla/5.0 (compatible; bin… Continue reading Is there a way to scan apache log for malicious traffic? [closed]
True or False? 90% of small businesses lack any type of data protection for their company and customer information. The answer? Unfortunately true. Due to this lack of care, 61% of data breach victims are specifically small businesses according to ser… Continue reading Protecting Sensitive Data: The Death of an SMB
I need to analyze an Apache log with Snort and others IDS/WAFs (Suricata, mod_security and Shadow Daemon). In order to do so, I was thinking about create TCP packets with the GET and POST requests stored in the Apache log wit… Continue reading Analyzing Apache log with Snort
Rick Holland has more than 15 years’ experience working in information security. Paul and John talk to Rick about vulnerability management, WAFs, and advice to enterprise marketing. Full Show NotesVisit http://securityweekly.com/esw for all the l… Continue reading Rick Holland, Digital Shadows – Enterprise Security Weekly #104