Learn best practices about how to avoid API Vulnerabilities from security experts at WhiteHat Security.
Week two of National Cyber Security Awareness Month is focused around security in the workplace. What can individuals and companies do to keep their employees and their confidential information protected? I have a few tips for everyone regarding workplace cyber security.
I’ve written about the recent Equifax, Sonic and Whole Foods breaches already, but am following up here to challenge anyone reading this: HAVE YOU TAKEN ACTION TO PROTECT YOURSELF YET?
I often get asked the same question by people: ‘With all these breaches happening, what can I do to protect myself?’ Well, I’m here to share a couple of tips on how to stay safe.
Planning to attend the JavaOne Conference October 1-5 in San Francisco? Come on by and meet the team at WhiteHat Security to learn more about secure DevOps, and pick up a gift card for a free 6-month trial of our new static analysis product for Java developers!
As the news unfolds on Equifax and the latest and greatest of the Apache Struts hacks, a co-worker and I were talking about it amongst ourselves. “Why would someone leave a critical vulnerability unpatched for months?” my co-worker asked in puzzled tones.
WhiteHat Scout is a fully automated static analysis product to develop secure software from the start for successful DevOps implementations.
We have learned today that the Equifax breach that has affected hundreds of millions of people was carried out by exploiting a known issue in Apache Struts 2, specifically CVE-2017-5638.
Our aim in creating the Learning Labs is to help everyone – developers, security practitioners, and executives – understand the risks in all applications, help IT staff understand how application security fits into their wider security ecosystem, and help teach developers how to write more secure code to make business safer for customers.
The news broke yesterday that Equifax had a massive breach that leaked personal information including Social Security numbers, names and driver's license numbers. The scope of this breach is staggering: 143 million records.
Every time someone comes to me for career advice, or asks where I think they should look for their next big opportunity, I say – “Consider a career in cybersecurity.” It is a huge field with a broad spectrum of job opportunities.
In this article, I’m going to help you interpret how the different parts of this cybersecurity regulation touch on AppSec – that is, your websites, your mobile applications, your internal payment systems and networked third-party services.
Pioneer and innovator in application security, WhiteHat has been an early adopter of the technologies driving digital transformation across the business with voice search.
The WhiteHat Sentinel Application Programming Interface (API) can help you out. Whether you’re looking to bring information into your own ticketing system, a SIEM, a new set of developer tools, or even a home-grown environment, we hope you’ll find pointers to the documentation which will help make it easy.
The CopyCat malware exploits some known vulnerabilities in older versions of Android, which allow an attacker to root the victim’s phone. It can then install applications and will hijack ads from your phone, effectively paying the attacker each time an ad pops up.
Applications are literally at the core of our digital lives, so it’s more important than ever to ensure that enterprises of all types can provide safe digital experiences. We hope this report provides valuable insights and recommendations on how to secure the apps that drive your business.
There's another 'worldwide' attack known as Petya Ransomware and it's spreading quickly - learn about it first from WhiteHat Security.
I saw another meme go by on Facebook. This one challenged everyone’s memory to name all their Elementary School teachers. And I had more than ten friends participate, which resulted in me yelling at my computer screen again.
Network-connected Internet of Things (IoT) devices are growing in popularity in homes and businesses, from smart cities and buildings to cars and medical devices. Attempts to subvert or compromise critical functions in organizations due to insecure IoT devices and applications are on the rise and in the news.
IDC predicts that by 2020, data breaches will affect nearly 25% of the world’s population.
Mentor the children of today to be leaders & entrepreneurs of tomorrow.
The question on a lot of people’s minds is, “Why was this allowed to happen, wasn’t there a fix?” Microsoft did indeed release a fix some months ago for the SMB vulnerability that ultimately was exploited by the WannaCry attack. If this patch was available, why didn’t everyone patch? Why were so many systems vulnerable?
The WannaCry attack has gained worldwide notoriety for how quickly and how far it has spread. At the heart of the issue was a vulnerability in Microsoft's product that left unpatched systems vulnerable to attack.
This Top 10 list is for you — developers and software engineers — designing mobile apps today.
A large-scale cyber attack on hospitals across England has staff and patients reeling. The fallout has serious impacts on individuals’ healthcare, as everything from patient records and prescriptions to surgery schedules is inaccessible.
Every step has led me to where I am today, leading the Sales Engineering organization for WhiteHat Security. It’s a great opportunity to help my team demonstrate to organizations how application security works in a hands-on demonstration, and how to architect their AST solutions. But how did I get here?
There are compelling reasons to evaluate using a SAST platform like WhiteHat Sentinel Source, instead of using a point solution to run SAST scans.
Social skills were on my mind. Listening to women describe their problems, it struck me how many of them had to do with stereotypes and unwritten social expectations. It's the end of Autism Awareness Month as I write this and it's a coincidence that I'd been diagnosed with autism at age 34.
As I was reading the proposed OWASP Top 10 for 2017 and preparing to submit my input, I thought I’d provide a brief recap of the changes here, and share the two large changes that stood out for me.