Eric Sheridan|May 10, 2022

Kubernetes Security Starts with Your Containers

If we are to “containerize all the things”, as one meme put it, then it would be natural to leverage...

Christie Stewart|April 7, 2022

How We Developed SSRF Detection to Help Protect Your Site

Developer Spotlight: Protecting Your Site from Server Side Request Forgery (SSRF) The security landscape is always changing. As software developers,...

Chris Marsh|February 18, 2022

AppSec Stats Flash: 2021 Year in Review

AppSec Stats Flash: 2021 Year in Review is out now. This edition of the AppSec Stats Flash report takes a...

Chris Marsh|November 18, 2021

Infographic: The State of Secure Online Holiday Shopping

What would you do if an online retailer exposed your credit card or personal information due to a security breach?...

Cody Beers|October 13, 2021

Fight the Phish with These Tips

Phishing is a type of social engineering attack where the attacker sends malicious links or attachments, usually via email, in...

Joseph Feiman|September 16, 2021

Don’t Let These Five Myths Hinder Your DevSecOps Adoption

DevOps has not yet become DevSecOps, leaving DevOps unsecured. Everyone speaks of it, but very few organizations have mastered it....

Cody Beers|August 26, 2021

Beers on Breaches: T-Mobile Hacked Again, and Again, and Again.

Server Misconfiguration – 2021 On August 15th, 2021, Vice reported that a hacker had breached multiple T-Mobile servers, affecting between...

Security Specialist|August 19, 2021

Ready to Secure Your Applications? Have a Plan? Go!

Operationalizing the Modern AppSec Framework Whether you’ve been following our 3-Part Summer webinar series or you’re just now joining us,...

Security Specialist|July 14, 2021

Modern AppSec Requires a Modern Approach

Organizations need to develop and deliver secure applications fast. Unfortunately, the traditional software development lifecycle (SDLC) paradigm no longer works...

Chris Marsh|May 27, 2021

AppSec Stats Flash Vol. 5 Is Now Live

The ransomware attack on the Colonial Pipeline sent shockwaves through the security industry and American society alike. In this month’s...

Cody Beers|May 12, 2021

Beers on Breaches: Experian Suffers Yet Another Breach

Going back a decade, credit reporting giant Experian has been the target of several major leaks and breaches. There was...

Chris Marsh|May 11, 2021

AppSec News Round Up—April 2021

We live in a world where only three things are certain: death, taxes and breaches. Nearly every day, WhiteHat’s team...

Cody Beers|April 28, 2021

Whistleblower Claims Ubiquiti Downplayed January Breach

In January of this year, Ubiquiti notified its customers that there had been a breach affecting part of their IT...

Chris Marsh|April 26, 2021

AppSec Stats Flash Vol. 4 Is Now Live

Each month, the AppSec Stats Flash reflects on the evolving threat landscape, tracks key AppSec metrics on an ongoing basis...

Eric Sheridan|April 20, 2021

Upcoming Webinar: Blueprint for Governance – Integrating API Security Testing within Postman

According to Postman, the development and adoption of APIs continues to skyrocket due to shifts in consumer, architecture and infrastructure...

Cody Beers|April 13, 2021

SolarWinds: What Happened and What’s Next

It has been a little over three months since the SolarWinds Supply-Chain Attack was first discovered, but the full impact...

Andrew Bolster|March 18, 2021

Dr StrangeBot: Or How I Learned to Stop Worrying and Trust Machine Learning

Beneath the cynicism, hyperbole, market-making and FUD; the strategic importance of AI in Cybersecurity is only constrained by us ‘meatbags’. Being...

Shweta Khare|November 4, 2019

How Application Security Strengthens Healthcare Organizations’ Security Posture

The State of Data Breaches in the Healthcare Industry This decade has seen an unprecedented number of connected systems and...

Security Specialist|October 3, 2019

WhiteHat Experts Share Tips for National Cybersecurity Awareness Month

A collaborative effort between government and industry, National Cybersecurity Awareness Month (NCSAM) is observed every October in an effort to...

Oscar Tovar|September 10, 2019

SSRF and the Cloud 101: Basics on the Latest Headline-grabbing Vulnerability

Server-side request forgery (SSRF) has been in the news recently for causing mainstream data breaches impacting hundreds of millions of...
