This decade has seen an unprecedented number of connected systems and devices, automated delivery systems and increased mobile device usage in the healthcare industry.
A collaborative effort between government and industry, National Cybersecurity Awareness Month (NCSAM) is observed every October in an effort to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to stay safer and more secure online.
Server-side request forgery (SSRF) has been in the news recently for causing mainstream data breaches impacting hundreds of millions of consumers.
There have been a few high-profile breaches in the news lately related to Magecart, including British Airways, Ticketmaster, and Feedify. For those who don’t know, Magecart is a hacker group whose modus operandi involves skimming credit card details with code tailored to the sites they infect ...
Angular Frameworks on a TypeScript back end: Security improvements for API calls with a warning
Learn about new self-service features: Associated Host Names & BLA Scheduling.
As more and more organizations embrace agile, fast waterfall, and DevOps methodologies, a key cultural shift is happening towards bringing security closer to developers.
Software Composition Analysis (SCA) allows you to identify third-party and open source components that have been integrated into all your applications.
Using "HREF with Target" can introduce exploitable weaknesses. Learn best practices for preventive measures from secure coding experts.
Week four of National Cyber Security Awareness Month is focused around a career in cyber security.
Week three of National Cyber Security Awareness Month is focused around connected devices.
As the news unfolds on Equifax and the latest and greatest of the Apache Struts hacks, a co-worker and I were talking about it amongst ourselves. “Why would someone leave a critical vulnerability unpatched for months?”, my co-worker asked in puzzled tones.
Our aim in creating the Learning Labs is to help everyone – developers, security practitioners, and executives – understand the risks in all applications, help IT staff understand how application security fits into their wider security ecosystem, and help teach developers how to write more secure code to make business safer for customers.
I saw another meme go by on Facebook. This one challenged everyone’s memory to name all their Elementary School teachers. And I had more than ten friends participate, which resulted in me yelling at my computer screen again.
Network-connected Internet of Things (IoT) devices are growing in popularity in homes and businesses, from smart cities and buildings to cars and medical devices. Attempts to subvert or compromise critical functions in organizations due to insecure IoT devices and applications are on the rise and in the news.
In the first webinar, Introduction to Application Security for Developers, WhiteHat is geared towards training and certifying developers to be secure coders.
What follows is a directory traversal hack I found “In the Wild” as they say, on a customer’s actual website I was working on. Our customer was a large enterprise client involved in Information Management, but this could be present on many web applications that allow a user to upload and download files.
This article provides an executive summary on the Blockchain technology, what it is, how it works, and why everyone is excited about it.
After a lot of coordination, research, voting by the community and judging - learn the Top 10 Web Hacking Techniques of 2015.
Learn the top 10 website hacking techniques for the year.
Common HTTP headers are components of the header section of request and response messages in the Hypertext Transfer Protocol (HTTP).