In this article, we’ll take a closer look at how research partners Vertical Structure and WhiteHat Security worked together to identify and verify a vulnerability, and then notify and work with the vendor to quickly and effectively remediate the issue and protect customers.
The RSA Conference (March 4-8, 2019) kicks off today in San Francisco, serving as a timely and important reminder of the criticality of securely building products in an increasingly unsafe digital world.
Shockingly, application security is an often-overlooked area in the enterprise cybersecurity lineup, despite its clear criticality.
Today’s applications touch millions if not billions of people on a daily basis. With virtually every business using applications to grow, they are critical to companies’ success—yet the vulnerabilities and risks associated with them continue to increase exponentially.
There is no 100 percent secure, completely flawless computer program, yet security practices are often an afterthought in programming. But even with the best security practices 'baked into' the software life cycle (SLC), there is still the possibility of a zero-day vulnerability existing in the code.
The news was just released that a massive breach hit Uber in October of 2016. The personal information of 57 million Uber users and 7 million Uber drivers was stolen, including names, email addresses and phone numbers.
As the news unfolds on Equifax and the latest and greatest of the Apache Struts hacks, a co-worker and I were talking about it amongst ourselves. “Why would someone leave a critical vulnerability unpatched for months?” my co-worker asked in puzzled tones.
WhiteHat Scout is a fully automated static analysis product to develop secure software from the start for successful DevOps implementations.
The WhiteHat Sentinel Application Programming Interface (API) can help you out. Whether you’re looking to bring information into your own ticketing system, a SIEM, a new set of developer tools, or even a home-grown environment, we hope you’ll find pointers to the documentation which will help make it easy.
The CopyCat malware exploits some known vulnerabilities in older versions of Android which allow an attacker to root the victim’s phone. It then can install applications and will hijack ads from your phone, effectively paying the attacker each time an ad pops up.
This Top 10 list is for you — developers and software engineers — designing mobile apps today.
With the recent emphasis on application security, organizations now strive to fix web app security vulnerabilities earlier in the SDLC, before apps are deployed, in order to lower the risk of potential data breaches.
This week, it was reported that certain versions of the Apache Struts 2 Framework are vulnerable to Remote Code Execution attacks.
With the migration towards digital transformation and the onslaught of cyber attacks, we need a “Security Facts” label so that we as consumers may make more informed decisions about the risk we are inheriting from the use or acquisition of applications.
After a lot of coordination, research, voting by the community and judging - learn the Top 10 Web Hacking Techniques of 2015.