WhiteHat Security

Digital transformation has morphed from a competitive advantage to a necessity for business survival. As applications are produced faster and faster, hackers are standing by, ready to strike.

As your trusted partner in application security, we are committed to delivering the experience you know and trust in an environment that promotes and protects the well-being of all, across all offices, customers and partners.

On Jan. 8, we learned that a series of vulnerabilities in the popular social media app TikTok left the personal information of its users susceptible to exposure, potentially allowing cybercriminals to manipulate content on user accounts.

With the tensions in Iran escalating over the past few weeks, nation-state cyberattacks have been on the forefront of government agencies’ minds.

For decades, nation-state attacks have caused serious havoc across the world, primarily targeting critical infrastructure such as power grids and industrial control systems, as well as government agencies, often disrupting operations and leaking sensitive information.

As we head into 2020, application security remains an essential consideration for every organization operating in this digital era.

The trend to outsource a development project or the development function has been growing in recent years, and for some very good reasons.

October is known for being the “spookiest” of all the months. While there’s always debate on if ghosts, ghouls and witches are real, no one can argue the existence of scary vulnerabilities lurking in the dim corners of the web and on applications.

October marks the 16th annual National Cyber Security Awareness Month (NCSAM).

Previously, we discussed in part 1 of this blog series, application security issues are becoming the first and foremost cause of security breaches, leading to some real challenges among organizations attempting to achieve DevSecOps.

More and more, businesses today are staking their success on web and mobile applications.

Despite women gaining the equal right to vote in 1878 and the U.S. Congress designating Aug. 26 as Women’s Equality Day in 1971, the tech industry still has a long way to go.

Cross-Site Request Forgery (CSRF) generates many questions from prospects, customers, partners, and Web application security professionals we work with.

Today, March 8, marks International Women’s Day, a global day tabbed to celebrate women’s achievements throughout history and their social, economic, cultural and political achievements.

IT security is a massive concern for many organizations of all shapes and sizes. The consequences of a security failure are often drastic, sometimes terminal. Over recent years, there has been a relentless upward trajectory in spending on IT security, and there are no signs of that trend abating.

The financial repercussions of large-scale consumer data breaches are coming into greater focus. Recent reports indicate that Facebook will face a whopping $1.6 billion fine in Europe for compromising 30 million user accounts, while Uber is expected to pay $148 million for its 2016 data breach.

Since it’s Thanksgiving, WhiteHat wondered, what are hackers giving thanks for? The simplest answers are Google, gigabit internet speeds, and an endless supply of caffeine. But the number one thing that hackers are overwhelmingly grateful for is DATA, especially passwords stored in plain or cleartext.

Since 2013, WhiteHat Security has provided customers the ability to include a dynamically generated trust mark on their companies’ websites, indicating that WhiteHat manages their sites’ security.

In a representative democracy like the United States, voting is a fundamental right, privilege and civic duty. The infrastructure of our electoral process is critical to governing in the U.S., and election security should be of the utmost importance. But is it easy to hack an election?

The news that private equity business Thoma Bravo is to acquire our rivals over at Veracode underlines that the application security space is quickly becoming one of the hottest sectors in the entire security industry.

As discussed last week, many states are failing to take appropriate responsibility - not only to ensure that our voting machines work, but that they’re secure. Is there hope that we can still encourage a change before November? As with anything else, change is often difficult and time consuming.

Election Day 2018 is fast approaching, and when Americans head to the polls, will their votes be secured? That’s the burning question on the minds of many security experts. As important as these midterms maybe, the security and integrity of our American voting systems should also be at the forefront of the conversation.

A single-page application (SPA) is a website that interacts with a user by dynamically rewriting the current page, rather than loading entire new pages directly from a server. This SPA approach avoids interruption between successive pages, which makes the application behave more like a desktop app than a traditional website.

Earlier this month, we celebrated National Coding Week. To mark the occasion, we caught up with Abishek Ramasubramanian, one of our coders. He told us about his career path, gave us an insight into a working day as a WhiteHat Security software engineer and offered some practical advice for anyone thinking of becoming a coder.

Now in its fifth year, National Coding Week has gone from strength to strength. Founded in the UK to help people improve their digital literacy and aiming to fill the growing IT skills gap, it is now a truly global event with huge amounts of interest from the press and exposure across social media platforms.

New Sentinel Dynamic enhancements enable highest level of accuracy in shortest timeframe, make real-time risk assessment a reality and empower developers to create secure web applications at the fast pace demanded by modern businesses

As Vulnerability Management systems move from CVSS v2 to v3, WhiteHat scoring keeps up.

Thanks to everyone who attended the first Crash Course Series webinar. As we ran out of time before answering all of the questions at the end (and thank you all for so much participation!), I thought I’d pull the unanswered and reply to them here in longer form than the time allotted.

Planning to attend the JavaOne Conference October 1-5 in San Francisco? Come on by and meet the team at WhiteHat Security to learn more about secure DevOps, and pick up a gift card for a free 6-month trial of our new static analysis product for Java developers!