
Discover the Layered Approach to AppSec
NTT Application Security’s newest paper was just released, outlining a new modern approach to AppSec – a layered approach. The...
Kubernetes Security Starts with Your Containers
If we are to “containerize all the things”, as one meme put it, then it would be natural to leverage...
How We Developed SSRF Detection to Help Protect Your Site
Developer Spotlight: Protecting Your Site from Server Side Request Forgery (SSRF) The security landscape is always changing. As software developers,...
A Solid Data Privacy Program can be a Safe Harbor
The rate at which Data Privacy Laws in the U.S., Europe, and other countries are evolving is not slowing down....
Introducing the WhiteHat Vantage Platform
It’s a historic day at NTT Application Security. For just over 20 years, we have served as pioneers in the...
Avoid These Threats on Cyber Weekend
The biggest shopping time of the year is fast approaching, and for consumers this year it means shopping primarily online....
Top 5 Ways to Be Cyber Smart
Welcome to Cybersecurity Awareness Month 2021! It’s been a rollercoaster of a year in cybersecurity, with the workforce embracing a...
Introducing Attack Surface Management powered by Bit Discovery
It’s an exciting day at WhiteHat with the launch of Attack Surface Management powered by Bit Discovery – an innovative...
9 Product Flavors Fit the Security Needs of the Entire Software Lifecycle
Speed to market has been everything in the software development world. But over time we’ve discovered that speed alone cannot...
NTT’s Approach to Detecting Cross-Site Request Forgery
Cross-Site Request Forgery (CSRF) generates many questions from prospects, customers, partners, and Web application security professionals we work with. The questions...

Top 10 Web Hacking Techniques of 2015
UPDATE – 4/20/2016 We have our Top 10 list folks! After a lot of coordination, research, voting by the community and...
CVE-2015-0204 Freak Attack
It has been discovered that OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k are vulnerable to a downgrade...
Top 10 Proactive Web Application Security Measures
I think a lot of web designers and web masters have almost no idea what are the most important things...
How I stole source code with Directory Indexing and Git
The keys to the kingdom pretty much always come down to acquiring source code for the web application you’re attacking...
Password Cracking AES-256 DMGs and Epic Self-Pwnage
Two weeks ago I was in the midst of a nightmare. I’d forgotten a password. Not just any password. THE...