RSS feed Get our RSS feed

News by Topic

web application attacks

Results 26 - 47 of 47Sort Results By: Published Date | Title | Company Name
By: Akamai Technologies     Published Date: Apr 25, 2018
Cyber attackers are targeting the application programming interfaces (APIs) used by businesses to share data with customers. Consumer mobile adoption, electronic goods and services, and high volumes of data have led businesses to use APIs for data exchange. Unfortunately, attackers can also use APIs to access or deny service to valuable data and systems. This white paper explores strategies for protecting APIs. You’ll learn about APIs, how and why these endpoints are targets for web application attacks, security models, and how Akamai can help.
Tags : api, security, interface, businesses, data, mobile, adoption
     Akamai Technologies
By: SpyCloud     Published Date: Mar 30, 2018
Because of widespread password reuse, Account Takeover (ATO) attacks have become an extremely lucrative business for cybercriminals. Organized crime rings are performing ATO attacks at a massive scale by leveraging botnet-infected armies to attempt credential-stuffing attacks against various web and mobile applications. Cyber criminals exploit compromised accounts for financial gain by pilfering financial or personally identifiable information (PII) directly or by selling access to these accounts on underground markets. Download our report to understand: The Underground economy driving these attacks The tools criminals are using to automate ATO Remediation Strategies to prevent ATO in your organization
Tags : 
     SpyCloud
By: Alert Logic     Published Date: May 23, 2019
Securing web applications in the AWS cloud environment relies on the cloud service provider and the customer working together in a shared responsibility model. Effective security for web applications on AWS requires full visibility into the environment in which the apps live, while also proactively monitoring for attacks without causing delays in application development and delivery. For some customers this may be a challenge due to limited personnel resources or expertise. This is where Alert Logic can help. We will automatically show you why, where, and how to respond to vulnerability findings and provide you with short- and long-term recommendations to stop active attacks. To help guide the way, following are key considerations for providing sound web application security running on the AWS cloud.
Tags : 
     Alert Logic
By: Akamai Technologies     Published Date: May 07, 2018
We are pleased to present the Cost of Web Application and Denial of Service Attacks, sponsored by Akamai Technologies. The purpose of this research is to understand changes in the cost and consequences of web application and denial of service attacks since the study was first conducted in 2015. For this study, Ponemon Institute surveyed 621 individuals in IT operations, IT security, IT compliance or data center administration.
Tags : web, application, attacks, security, akamai, technology
     Akamai Technologies
By: Tenable     Published Date: Jan 25, 2019
"Web application attacks are the top source of data breaches today. The 2018 Cybersecurity Insiders Application Security Report reveals that 62% of cybersecurity professionals are at best moderately confident in their organization’s application security posture. Not surprisingly, about the same number consider their application security strategies immature.Applications play a critical role in supporting key business processes, but organizations are struggling to keep them safe. This eBook examines the 5 best practices for application security. Read this ebook now to understand: -Which types of apps present the highest security risk -Best practices for reducing security risks associates with web applications -Steps you can take now to secure web applications "
Tags : 
     Tenable
By: AlienVault     Published Date: Oct 21, 2014
Two of the oldest and most common attacks used against web applications, SQL injection attacks and cross-site scripting attacks (XSS), continue to impact thousands of websites and millions of users each year. Finding these exposures quickly is essential in order to prevent system compromise and avoid information leakage. SIEM solutions can be invaluable in this effort by collecting and correlating the data you need to identify patterns that signal an attack.
Tags : alienvault, sql injection, web security, cyber attacks, siem solutions, xss, cross site scripting attacks, siem
     AlienVault
By: AWS     Published Date: May 31, 2018
Effective security for cloud-hosted web applications requires full visibility into the environment in which the apps live and the potential exposure to vulnerabilities — and to do so consistently, while proactively monitoring for attacks without causing delays in application development and delivery. Cloud adoption means that a focus on perimeter security is not sufficient and may even be obstructive, because it can impact application performance and availability. By completing this form, I agree that I'd like to receive information from Amazon Web Services, Inc. and its affiliates related to AWS services, events and special offers, and my AWS needs by email and post. You may unsubscribe at any time by following the instructions in the communications received. Your information will be handled in accordance with the AWS Privacy Policy. https://aws.amazon.com/privacy/
Tags : 
     AWS
By: IBM     Published Date: Sep 10, 2009
Read this Trend and Risk report from IBM® ISS X-Force® to learn statistical information about all aspects of threats that affect Internet security, including software vulnerabilities and public exploitation, malware, spam, phishing, web-based threats, and more!
Tags : ibm iss x-force threat and risk report, ibm, web-related security threats, spam and phishing, malware, cvss, top vendor list, web application vulnerabilities
     IBM
By: Lumension     Published Date: Jan 22, 2013
In this webinar, Randy Franklin Smith (Ultimate Windows Security) shows how application control is an important defense-in-depth measure that can provide detection and prevention of late-stage APT attacks.
Tags : endpoint management, security, compliance, patch management, file integrity monitoring, device control, detection, apt attacks
     Lumension
By: AWS     Published Date: May 25, 2018
Effective security for cloud-hosted web applications requires full visibility into the environment in which the apps live and the potential exposure to vulnerabilities — and to do so consistently, while proactively monitoring for attacks without causing delays in application development and delivery. Cloud adoption means that a focus on perimeter security is not sufficient and may even be obstructive, because it can impact application performance and availability. Similarly, relying on your cloud service provider’s security services is insufficient; any provider will tell you that securing the cloud environment is a shared responsibility between cloud service provider and customer, and the responsibility for specifically securing web applications is the sole responsibility of the customer. And although the industry as a whole has become better at protecting lower-level network and server resources, as attackers look for targets, they are moving up the application stack.
Tags : 
     AWS
By: Alert Logic     Published Date: Jun 12, 2014
New security threats are emerging all the time, from new forms of malware and web application exploits that target code vulnerabilities to attacks that rely on social engineering. Defending against these risks is an ongoing battle. Download to learn more!
Tags : cloud security, vulnerability management, vulnerabilities, patching, patch management, security
     Alert Logic
By: Qualys     Published Date: Jan 11, 2017
When web applications are breached, enormous amounts of sensitive business data can be lost. According to Verizon’s 2014 Data Breach Investigations Report, web application attacks more than doubled in 2013 to become the #1 cause of security incidents
Tags : information security, it compliance, it audit, it security, network security, web application security, application security
     Qualys
By: Webroot Inc     Published Date: Aug 27, 2015
In the past year, Webroot encountered tens of millions of instances of malware and potentially unwanted applications (PUAs), monitored billions of IP addresses and URLs, analyzed millions of new and updated mobile apps for malicious behavior, and studied major malware trends based on data from millions of endpoints. This report contains insights, analysis, and information on how collective threat intelligence can protect organizations from sophisticated attacks.
Tags : malware, unwanted applications, malicious behavior, threat intelligence, security
     Webroot Inc
By: Citrix Systems, Inc.     Published Date: Jan 19, 2016
Customers, employees and partners are more frequently accessing web-delivered services from their mobile devices. At the same time, attackers are constantly discovering new ways to compromise security, including advanced malware and application layer attacks. Without the right tools, you are vulnerable. NetScaler gives you the visibility and control to manage, accelerate, and secure all your web properties, so you can deliver both the service and security your users demand. To learn more about web security and NetScaler, read the full report: Defend Web Properties from Modern Threats with Citrix NetScaler
Tags : citrix, security, netscaler, web
     Citrix Systems, Inc.
By: Symantec     Published Date: Apr 02, 2015
The discovery of the Heartbleed bug in April, 2014 exposed a serious vulnerability in OpenSSL, an open-source cryptographic library often used with applications and web servers like Apache and Nginx. This latest high profile, targeted attack allowed infiltrators access to the memory of web servers running vulnerable versions of the library. Heartbleed quickly compromised the privacy for communications applications on the Web such as e-commerce, banking, email, and instant messaging, and opened the door to the interception of user information, passwords, and identities. While the world now knows of the widespread havoc Heartbleed has caused to both businesses and individuals, it begs the question, “What happens when the next Heartbleed (or worse) comes along, and what can an organization do to weather yet another chapter in an all-too-familiar string of debilitating attacks?
Tags : heartbleed bug, openssl, communications applications, e-commerce, user information, passwords, security
     Symantec
By: IBM     Published Date: Aug 21, 2008
As businesses grow increasingly dependent upon Web applications, these complex entities are becoming more difficult to secure. Most companies equip their Web sites with firewalls, Secure Sockets Layer (SSL), and network and host security, but the majority of attacks are on applications themselves.
Tags : application security, web security, ibm, ibm mi, ibm grm, security
     IBM
By: KEMP Technologies     Published Date: Aug 04, 2008
Small-to-medium sized businesses (SMB) are increasingly relying upon web-based applications and web-enabled services for running their business. Applications such as CRM, e-commerce transactions and other web-enabled applications are accessed both locally and remotely from outside the business facilities. These web-based applications are vulnerable to attacks from viruses, intrusions, and denial of service (DoS) attacks, as traffic comes into the network through various ports and firewalls without being inspected.
Tags : load balancer, load balancing, application delivery, ssl acceleration, application optimization, windows terminal services, terminal services, content switching
     KEMP Technologies
By: Qualys     Published Date: Apr 05, 2011
To help you understand how to minimize these risks, Qualys provides this guide as a primer to web application security.
Tags : web application security, qualys, vulnerabilities, sql injection, ssi injection, xpath injection, attacks, qualysguard was 2.0
     Qualys
By: Cyveillance     Published Date: Jun 20, 2014
Phishing is defined by the Financial Services Technology Consortium (FSTC) as a broadly launched social engineering attack in which an electronic identity is misrepresented in an attempt to trick individuals into revealing personal credentials that can be used fraudulently against them. In short, it’s online fraud to the highest degree. Although it’s been around for years, phishing is still one of the most common and effective online scams. The schemes are varied, typically involving some combination of spoofed email (spam), malicious software (malware), and fake websites to harvest personal information from unwitting consumers. The explosive rise of mobile devices, mobile applications, and social media networks has given phishers new vectors to exploit, along with access to volumes of personal data that can be used in more targeted attacks or spear phishing. The fact that phishing attacks are still so common highlights their efficacy and reinforces the need to implement comprehensive phishing and response plans to protect organizations. An effective phishing protection plan should focus on four primary areas: Prevention, Detection, Response, and Recovery. High-level recommendations for each of the four areas are outlined in this whitepaper.
Tags : cyveillance, phishing, security, cyberattacks, cybercriminals, threats
     Cyveillance
By: Akamai Technologies     Published Date: Jul 02, 2018
Gartner named Akamai a Leader in their 2017 Magic Quadrant for Web Application Firewalls. A web application firewall is an essential element in your defense against application-layer attacks, which pose an ever-greater threat to productivity and security. The Akamai approach to WAF combines: An anomaly detection model A repeatable testing framework to measure effectiveness Threat intelligence to identify the latest threats A cloud platform for global scale Managed security services to help organizations better protect their websites and web applications over time
Tags : 
     Akamai Technologies
By: Akamai Technologies     Published Date: Nov 02, 2018
Independent technology research firm Forrester evaluated web application firewall (WAF) vendors and published the results in The Forrester Wave™: Web Application Firewalls, Q2 2018. Akamai Technologies emerged as one of the leaders after a comprehensive evaluation on 33 criteria. The report states that security pros require a WAF that will automatically protect web applications, stay ahead of zero-day attacks and protect new application formats including APIs and serverless architectures. The report also reveals detailed findings for the 10 most significant WAF vendors. Akamai’s Kona Site Defender was the top scorer in the zero-day attacks criterion and one of the select vendors rated a Leader, the highest-ranking level in the report. In viewing this Akamai content, we would like to share your data with Akamai. Click here for more info or to opt out.
Tags : 
     Akamai Technologies
By: Veracode     Published Date: Oct 26, 2016
Web application attacks are now the most frequent pattern in confirmed breaches, and organizations know that application security is key to protecting their data. But many organizations lack the resources to develop a comprehensive AppSec program, and need to look to external services. Download this guide for a straightforward, four-step method for acquiring the services you need to support a comprehensive AppSec program.
Tags : veracode, application security, sans, security
     Veracode
Previous    1 2     Next   
Search Research Library      

Add Research

Get your company's research in the hands of targeted business professionals.

Related Topics