The Inside-Out Application Security Opportunity with RASP

Digital transformation projects demand that developers continually roll out new applications to fuel those efforts. These new applications and APIs can surface sensitive data and must be protected in production: RASP (runtime application self protectio…

Meetup vulnerabilities enabled group takeovers, payment redirections

Two high-risk vulnerabilities in Meetup, a popular online service that’s used to create groups that host local in-person events, allowed attackers to easily take over any Meetup group, access all group functions and assets, and redirect all Meetu…

[Webinars] Open source, threat modeling, Node.js security

Hear about the state of open source in our Red Hat partner webinar, discover our approach to threat modeling, and learn how to secure Node.js applications.
The post [Webinars] Open source, threat modeling, Node.js security appeared first on Software I…

Hashing Functions – CISSP Domain 3

Today we’re going to take a quick look at hashing functions, as covered in Domain 3 of the CISSP common body of knowledge (CBK). There is often some confusion between hashing, encryption, and encoding, so one of the purposes of this article…

Waving the White Flag: Why InfoSec should stop caring about HTTPOnly

As a company that is constantly working with our penetration testing clients on understanding where they should focus their efforts, qualifying risk is second-nature to us. On one hand, we never want to undersell a risk, and have a client accept that r…

Navigating Cybersecurity Metrics For Web Applications

Maintaining a resilient security posture is an ongoing effort for every organization. As reports of data breaches, fraud, and cyberattacks grow increasingly common, it’s important to have strategies in place to mitigate their impact. Whilst cyber…

Biomedical orgs working on COVID-19 vaccines open to cyber attacks

In a recently released report by the UK National Cyber Security Centre (NCSC), whose findings have been backed by Canada’s Communications Security Establishment (CSE) and the US NSA and CISA (Cybersecurity and Infrastructure Security Agency), the agenc…

The Future of Zero Trust: Continuous Authentication

Ask any CISO about a trend that they think will help push security postures forward and you’ll inevitably hear the same thing: the elimination of the perimeter and the rise of the zero trust mindset. In the old perimeter model,…

40% of security pros say half of cyberattacks bypass their WAF

There are growing concerns around the number of businesses vulnerable to cyberattacks due to hackers’ ability to bypass their Web Application Firewall (WAF), Neustar reveals. Cyberattacks bypass the WAF 49% of security professionals reported more than …