<img height="1" width="1" style="display:none;" alt="" src="https://analytics.twitter.com/i/adsct?txn_id=nv7vl&amp;p_id=Twitter&amp;tw_sale_amount=0&amp;tw_order_quantity=0"> <img height="1" width="1" style="display:none;" alt="" src="//t.co/i/adsct?txn_id=nv7vl&amp;p_id=Twitter&amp;tw_sale_amount=0&amp;tw_order_quantity=0">

Web Application Security Blog

Using RASP to Make Bug Bounty Programs More Efficient

POSTED BY  Mike Milner on Feb 16, 2017
Feb 16 2017

Bug bounty programs have gained popularity throughout the tech industry, cropping up at tech giants such as Facebook, Google, and more recently Apple. The programs effectively crowdsource manual penetration testing (pen testing), allowing users...

Continue Reading ›

TOPICS     RASP

Why Target the Application Layer

POSTED BY  Mike Milner on Feb 14, 2017
Feb 14 2017

When most of us think of applications, we think of the various programs we have downloaded to our smartphones. We interact and make requests of these programs to perform whatever function we need. These requests often, if not always, require the...

Continue Reading ›

TOPICS     Application Security

Improve Productivity Across Your Organization with RASP

POSTED BY  Richard April on Feb 09, 2017
Feb 09 2017

Every innovation today revolves around streamlining. We seek the fastest way to get from point A to point B, the fastest way to shop, pay, interact with each other and with other devices, etc. People simply do not have the time to spend that they...

Continue Reading ›

TOPICS     RASP

Why Signature Based Security is Only the First Step

POSTED BY  Richard April on Feb 07, 2017
Feb 07 2017

Think of the security infrastructure of your application as its doctor. When working properly, it diagnoses threats to your system and prescribes the right course of action to keep that threat from infecting your application - much the way your...

Continue Reading ›

TOPICS     AppSec Tools  WAF vs. RASP

How External Dependencies Put Your Apps at Risk

POSTED BY  Mike Milner on Feb 02, 2017
Feb 02 2017

Web applications are complex. Only a tiny part of any web app is code that you write for it. In fact, it is possible to create a web application without writing any original code. Some estimates say that 80% of the code in web applications is...

Continue Reading ›

TOPICS     Application Security  Application development

Ready to be Hacked: Incident Response

POSTED BY  Richard April on Jan 31, 2017
Jan 31 2017

As any security professional knows, the threat landscape is a moving target. Right now, hackers seem to be choosing web applications as a favored way into enterprise information systems—Verizon reports that they represent 40% of all confirmed...

Continue Reading ›

TOPICS     Application Security

Sundance Hack Acts as a Warning to Small and Mid Sized Businesses

POSTED BY  Amanda McGuinness on Jan 26, 2017
Jan 26 2017

This past Saturday, January 21st, the 2017 Sundance Film Festival was underway with its first weekend of screenings when it was interrupted by a cyberattack that disabled its online box office as well as internet access throughout Park City,...

Continue Reading ›

TOPICS     Application Security

Threat Intelligence

POSTED BY  Steve Williams on Jan 24, 2017
Jan 24 2017

Websites are able to collect massive amounts of information about the people browsing them. This can be used for a wide range of analytics, including marketing, driving sales or displaying relevant adverts. However, all this information can also...

Continue Reading ›

TOPICS     Security analytics

Enterprise Information Networks and the Threat Environment

POSTED BY  Oliver Lavery on Jan 19, 2017
Jan 19 2017

Securing an enterprise information system is no trivial task. That is because today’s systems are complex and need to be viewed holistically. No longer can IT security only think of a network as a combination of components that can be protected...

Continue Reading ›

TOPICS     Application Security

Preventing Account Takeover (ATO)

POSTED BY  Mike Milner on Jan 17, 2017
Jan 17 2017

Hackers are dedicated criminals. They will work hard to exploit any vulnerabilities in your website and network—because there is a lot of money in it for them when it works. One popular way of breaking into a system is to take over the account of...

Continue Reading ›

TOPICS     Account Takeover