Security Specialist|May 26, 2022

Discover the Layered Approach to AppSec

NTT Application Security’s newest paper was just released, outlining a new modern approach to AppSec – a layered approach. The...

Eric Sheridan|May 10, 2022

Kubernetes Security Starts with Your Containers

If we are to “containerize all the things”, as one meme put it, then it would be natural to leverage...

Christie Stewart|April 7, 2022

How We Developed SSRF Detection to Help Protect Your Site

Developer Spotlight: Protecting Your Site from Server Side Request Forgery (SSRF). The security landscape is always changing. As software developers,...

Wendy Foote|January 28, 2022

A Solid Data Privacy Program can be a Safe Harbor

The rate at which Data Privacy Laws in the U.S., Europe, and other countries are evolving is not slowing down....

Chris Marsh|December 9, 2021

Introducing the WhiteHat Vantage Platform

It’s a historic day at NTT Application Security. For just over 20 years, we have served as pioneers in the...

Danny Thomas|November 23, 2021

Avoid These Threats on Cyber Weekend

The biggest shopping time of the year is fast approaching, and for consumers this year it means shopping primarily online....

whitehatsec|October 7, 2021

Top 5 Ways to Be Cyber Smart

Welcome to Cybersecurity Awareness Month 2021! It’s been a rollercoaster of a year in cybersecurity, with the workforce embracing a...

Chris Marsh|April 27, 2021

Introducing Attack Surface Management powered by Bit Discovery

It’s an exciting day at WhiteHat with the launch of Attack Surface Management powered by Bit Discovery – an innovative...

Joseph Feiman|June 11, 2019

9 Product Flavors Fit the Security Needs of the Entire Software Lifecycle

Speed to market has been everything in the software development world. But over time we’ve discovered that speed alone cannot...

NTT Application Security|May 28, 2019

NTT’s Approach to Detecting Cross-Site Request Forgery

Cross-Site Request Forgery (CSRF) generates many questions from prospects, customers, partners, and Web application security professionals we work with. The questions...

Kuskos|January 12, 2016

Top 10 Web Hacking Techniques of 2015

UPDATE – 4/20/2016: We have our Top 10 list, folks! After a lot of coordination, research, voting by the community and...

Ryan O'Leary|May 28, 2015

CVE-2015-0204 Freak Attack

It has been discovered that OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k are vulnerable to a downgrade...

Robert Hansen|July 13, 2013

Top 10 Proactive Web Application Security Measures

I think a lot of web designers and web masters have almost no idea what are the most important things...

Kuskos|May 21, 2013

How I stole source code with Directory Indexing and Git

The keys to the kingdom pretty much always come down to acquiring source code for the web application you’re attacking...

Jeremiah Grossman|February 7, 2013

Password Cracking AES-256 DMGs and Epic Self-Pwnage

Two weeks ago I was in the midst of a nightmare. I’d forgotten a password. Not just any password. THE...
