[Webinars] DoS attacks in Node.js, SAST in DevSecOps

Learn how to protect Node.js apps against denial-of-service attacks, and how to integrate static application security testing into DevSecOps pipelines.
The post [Webinars] DoS attacks in Node.js, SAST in DevSecOps appeared first on Software Integrity …

Evaluating WAF solutions? Know the Key Considerations for Replacing Legacy WAF

We hear often from customers who replace a legacy web application firewall (WAF) with Signal Sciences next-gen WAF about why they made the switch. Almost always, those reasons are a variation on the following themes: Legacy WAF costs too much…
Th…

As companies rely on digital revenue, the need for web and mobile app security skyrockets

As non-essential businesses have been forced to shut their doors around the world, many companies that previously relied heavily on the brick-and-mortar side of the business are now leaning more on revenue from their digital platforms. By 2023, accordi…

Client-side web security

To address attacks such as XSS, Magecart and other card skimming exploits found in modern eCommerce environments, the use of client-side web security methods is beginning to emerge as a particularly useful practice. Obviously, enterprise teams should i…

Web shell malware continues to evade many security tools

Cyber attackers are increasingly leveraging web shell malware to get persistent access to compromised networks, the US National Security Agency and the Australian Signals Directorate warn. What are web shells? Web shells are malicious scripts that are …

Getting Started API Penetration Testing with Insomnia

In our blog series on Better API Penetration Testing with Postman we discussed using Postman as the client for testing RESTful service APIs. Insomnia is an MIT-licensed open source alternative to Postman. Its commercial maintainer, Kong, is best known …

Understanding web security solutions

As should be evident to anyone in the cyber security industry, the wide range of available web security solutions from commercial vendors will necessarily have varying degrees of effectiveness against different threats. A premise of this article is tha…

A client-side perspective on web security

Threats to web security are explained in this first of a three-part article series, and client-side security is shown to address a commonly missed class of cyber attack exemplified by Magecart. Traditional solutions to web security are outlined, includ…