Discover the Layered Approach to AppSec

NTT Application Security’s newest paper was just released, outlining a new modern approach to AppSec – a layered approach. The...

Kubernetes Security Starts with Your Containers

If we are to “containerize all the things”, as one meme put it, then it would be natural to leverage...

How We Developed SSRF Detection to Help Protect Your Site

Developer Spotlight: Protecting Your Site from Server Side Request Forgery (SSRF) The security landscape is always changing. As software developers,...

A Solid Data Privacy Program can be a Safe Harbor

The rate at which Data Privacy Laws in the U.S., Europe, and other countries are evolving is not slowing down....

Introducing the WhiteHat Vantage Platform

It’s a historic day at NTT Application Security. For just over 20 years, we have served as pioneers in the...

Avoid These Threats on Cyber Weekend

The biggest shopping time of the year is fast approaching, and for consumers this year it means shopping primarily online....

Top 5 Ways to Be Cyber Smart

Welcome to Cybersecurity Awareness Month 2021! It’s been a rollercoaster of a year in cybersecurity, with the workforce embracing a...

Introducing Attack Surface Management powered by Bit Discovery

It’s an exciting day at WhiteHat with the launch of Attack Surface Management powered by Bit Discovery – an innovative...

9 Product Flavors Fit the Security Needs of the Entire Software Lifecycle

Speed to market has been everything in the software development world. But over time we’ve discovered that speed alone cannot...

NTT’s Approach to Detecting Cross-Site Request Forgery

Cross-Site Request Forgery (CSRF) generates many questions from prospects, customers, partners, and Web application security professionals we work with. The questions...

Application Security Tools are Becoming Indispensable for Enterprises

ROBOT: For When the Metal Ones Decide to Come for You

Prediction: Automatic Updates are the Future

Interview with an AppSec Professional: Designing an AppSec from the Inside Out

Find Web App Vulnerabilities for Free with WhiteHat Sentinel Dynamic!

Learn the Secret to Secure Application Development at JavaOne

Developer’s Corner: WhiteHat Sentinel APIs

It’s here: The 2017 WhiteHat Security Application Security Statistics Report!

Working with Autism in Application Security

WhiteHat Certified Secure Developer Program Off to a Roaring Start

3 Ways To Empower Developers to Actually FIX Security Vulnerabilities as Part of their DevOps Workflows

App Permissions: Beware the Hidden Accesses

Apache Struts 2 CVE-2017-5638: Are My Applications Vulnerable to Remote Code Execution?

Introducing the WhiteHat Certified Secure Developer Program

Our Top 5 Most Watched Webinars of 2016

Top 10 Web Hacking Techniques of 2015

UPDATE – 4/20/2016 We have our Top 10 list folks! After a lot of coordination, research, voting by the community and...

CVE-2015-0204 Freak Attack

It has been discovered that OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k are vulnerable to a downgrade...

Top 10 Proactive Web Application Security Measures

I think a lot of web designers and web masters have almost no idea what are the most important things...

How I stole source code with Directory Indexing and Git

The keys to the kingdom pretty much always come down to acquiring source code for the web application you’re attacking...

Password Cracking AES-256 DMGs and Epic Self-Pwnage

Two weeks ago I was in the midst of a nightmare. I’d forgotten a password. Not just any password. THE...