As the chief scientist at WhiteHat Security, I oversee all research and development for the WhiteHat Sentinel product line, defining and driving the underlying technology.
Today, we released the results of our newest threat research, compiled in the 2018 Application Security Statistics report, “The Evolution of the Secure Software Lifecycle.”
October marks the 15th annual National Cyber Security Awareness Month. What began as a collaborative effort between government and industry has possibly never been more relevant than now, serving as a reminder to not only be more conscious of cybersecurity threats, but how we as individuals and businesses can proactively mitigate cyberthreats.
Facebook announced this morning that between 50 and 90 million accounts have been breached due to unnamed hackers stealing the access tokens of other users ...
Earlier this month, we celebrated National Coding Week. To mark the occasion, we caught up with Abishek Ramasubramanian, one of our coders. He told us about his career path, gave us an insight into a working day as a WhiteHat Security software engineer and offered some practical advice for anyone thinking of becoming a coder.
There is no 100 percent secure, completely flawless computer program, yet security practices are often an after thought in programming. But even with the best security practices 'baked into' the software life cycle (SLC), there is still the possibility of a zero-day vulnerability existing in the code.
Now in its fifth year, National Coding Week has gone from strength to strength. Founded in the UK to help people improve their digital literacy and aiming to fill the growing IT skills gap, it is now a truly global event with huge amounts of interest from the press and exposure across social media platforms.
In order to fully assess a client website, it needs to be first fully mapped and scanned--with all links, forms, APIs, etc. discovered. Currently, a lot of human time and resources are dedicated to these tasks. Using ML, we could potentially speed up this process even more, further decreasing time to value for our clients.
There is no doubt that AI and ML offer major advantages for modern cybersecurity applications compared to older, automated versions. The ability for applications to learn based on experience and use the knowledge to inform their behavior when confronted with similar issues in the future delivers a significant benefit.
WhiteHat is positioned extremely well to capitalize on recent developments in ML. ML allows us to make sense of the data, train a set of expert networks on this data, and then use these networks to supplement our human element.
New Sentinel Dynamic enhancements enable highest level of accuracy in shortest timeframe, make real-time risk assessment a reality and empower developers to create secure web applications at the fast pace demanded by modern businesses
2018 Winter Olympic Games hit with destroyer malware during opening ceremony.
I’d like everyone to pause, and in their minds and hearts say thank you to the hundreds of engineers at various hardware, software, and security vendors who spent their holidays working on OS patches, browser patches, cloud roll-outs and distribution of patches for Meltdown and Spectre.
Dust off your Old Glory Insurance policy, ROBOT attack is now a real thing that can happen to you.
The news was just released that a massive breach hit Uber in October of 2016. The personal information of 57 million Uber users and 7 million Uber drivers were stolen, including names, email addresses and phone numbers.
It’s another day which means another round of Ransomware. This time it’s a ransomware that’s being called ‘Bad Rabbit’, and if the Bad Rabbit infections look familiar, they are.
As you’ve probably read, there is a serious vulnerability in the WPA2-PSK protocol that almost all WiFi traffic uses. This vulnerability is being called ‘KRACK’, which stands for Key Reinstallation Attack.
Learn best practices about how to avoid API Vulnerabilities from security experts at WhiteHat Security.
Week two of National Cyber Security Awareness Month is focused around security in the workplace. What can individuals and companies do to keep their employees and their confidential information protected? I have a few tips for everyone regarding workplace cyber security.
I’ve written about the recent Equifax, Sonic and Whole Foods breaches already, but am following up here to challenge anyone reading this: HAVE YOU TAKEN ACTION TO PROTECT YOURSELF YET?
WhiteHat Scout is a fully automated static analysis product to develop secure software from the start for successful DevOps implementations.
We have learned today that the Equifax breach that has affected hundreds of millions of people was exploited by utilizing a known issue in Apache Struts 2, specifically CVE-2017-5638.
The news broke yesterday that Equifax had a massive breach that leaked personal information including Social Security Numbers, names and Drivers License numbers. The scope of this breach is staggering: 143 million records.
Pioneer and innovator in application security, WhiteHat has been an early adopter of the technologies driving digital transformation across the business with voice search.
There's another 'worldwide' attack known as Petya Ransomware and it's spreading quickly - learn about it first from WhiteHat Security.
The WhiteHat team has gathered some thoughts on predictions and new vulnerabilities or trends that might emerge in 2017.