There have been a few high-profile breaches in the news lately related to Magecart, including British Airways, Ticketmaster, and Feedify. For those who don’t know, Magecart is a hacker group whose modus operandi involves skimming credit card details with code tailored to the sites they infect ...
There is no 100 percent secure, completely flawless computer program, yet security practices are often an after thought in programming. But even with the best security practices 'baked into' the software life cycle (SLC), there is still the possibility of a zero-day vulnerability existing in the code.
Now in its fifth year, National Coding Week has gone from strength to strength. Founded in the UK to help people improve their digital literacy and aiming to fill the growing IT skills gap, it is now a truly global event with huge amounts of interest from the press and exposure across social media platforms.
In order to fully assess a client website, it needs to be first fully mapped and scanned--with all links, forms, APIs, etc. discovered. Currently, a lot of human time and resources are dedicated to these tasks. Using ML, we could potentially speed up this process even more, further decreasing time to value for our clients.
There is no doubt that AI and ML offer major advantages for modern cybersecurity applications compared to older, automated versions. The ability for applications to learn based on experience and use the knowledge to inform their behavior when confronted with similar issues in the future delivers a significant benefit.
WhiteHat is positioned extremely well to capitalize on recent developments in ML. ML allows us to make sense of the data, train a set of expert networks on this data, and then use these networks to supplement our human element.
New Sentinel Dynamic enhancements enable highest level of accuracy in shortest timeframe, make real-time risk assessment a reality and empower developers to create secure web applications at the fast pace demanded by modern businesses
On August 22, 2018, Apache Struts announced a security vulnerability and patch which remediates a critical remote code execution vulnerability. Apache Struts is a Java-based web application platform used by an estimated 65 percent of Fortune 100 companies. With this latest vulnerability, attackers can exploit a web application...
Learn what constitutes an ideal static analysis (SAST) solution, the importance of depth of coverage, and some causes of false positives – how they come up, why they happen, and what can be done about them.
Blacklisting is not the best or only way to avoid an XSS attack. This web application penetration scenario shows how an attacker could circumvent this safety feature.