Evaluating WAF solutions? Know the Key Considerations for Replacing Legacy WAF

We hear often from customers who replace a legacy web application firewall (WAF) with Signal Sciences next-gen WAF about why they made the switch. Almost always, those reasons are a variation on the following themes: Legacy WAF costs too much…
Th…

As companies rely on digital revenue, the need for web and mobile app security skyrockets

As non-essential businesses have been forced to shut their doors around the world, many companies that previously relied heavily on the brick-and-mortar side of the business are now leaning more on revenue from their digital platforms. By 2023, accordi…

Client-side web security

To address attacks such as XSS, Magecart and other card skimming exploits found in modern eCommerce environments, the use of client-side web security methods is beginning to emerge as a particularly useful practice. Obviously, enterprise teams should i…

Web shell malware continues to evade many security tools

Cyber attackers are increasingly leveraging web shell malware to get persistent access to compromised networks, the US National Security Agency and the Australian Signals Directorate warn. What are web shells? Web shells are malicious scripts that are …

Getting Started API Penetration Testing with Insomnia

In our blog series on Better API Penetration Testing with Postman we discussed using Postman as the client for testing RESTful service APIs. Insomnia is an MIT-licensed open source alternative to Postman. Its commercial maintainer, Kong, is best known …

Understanding web security solutions

As should be evident to anyone in the cyber security industry, the wide range of available web security solutions from commercial vendors will necessarily have varying degrees of effectiveness against different threats. A premise of this article is tha…

A client-side perspective on web security

Threats to web security are explained in this first of a three-part article series, and client-side security is shown to address a commonly missed class of cyber attack exemplified by Magecart. Traditional solutions to web security are outlined, includ…

AppTrana Offers Protection to Online Businesses During Coronavirus Outbreak

These are unprecedented times, and everyone is going through a testing period, with more than 3 billion people locked down all over the world.

Businesses are scrambling to stay afloat and are forced to move digital in a very short span of time without…

How I Became a Security Consultant: AbsoluteAppsec Interview

Every so often, podcasts and such will invite me to speak on a variety of topics. And this week, I was very excited to join @cktricky and @sethlaw on the Absolute AppSec podcast. I have known Ken for years, and he is one of the people that I admire. So…