RSS feed Get our RSS feed

News by Topic

web application attacks

Results 26 - 49 of 49Sort Results By: Published Date | Title | Company Name
By: Alert Logic     Published Date: May 23, 2019
Securing web applications in the AWS cloud environment relies on the cloud service provider and the customer working together in a shared responsibility model. Effective security for web applications on AWS requires full visibility into the environment in which the apps live, while also proactively monitoring for attacks without causing delays in application development and delivery. For some customers this may be a challenge due to limited personnel resources or expertise. This is where Alert Logic can help. We will automatically show you why, where, and how to respond to vulnerability findings and provide you with short- and long-term recommendations to stop active attacks. To help guide the way, following are key considerations for providing sound web application security running on the AWS cloud.
Tags : 
     Alert Logic
By: Alibaba Cloud SEA     Published Date: Mar 11, 2019
Customers have grown accustomed to high speeds and reliable connectivity. One second of network delay when accessing website, mobile app, or application service can increase your bounce rate and even decrease your customer’s trust in your brand. The typical business pain points per the above scenario are always like: Latency – While, latency problems caused by geographic distance are impossible to solve on the public Internet; Availability – Packet loss and complaints from customers can prevent you from increasing your user base; Cost - The growth of your user base and your business needs both outpace your IT budget. Security - Connections over the public Internet are vulnerable to DDoS attacks and other threats. This whitepaper describes: • Challenges that Magic Video faced before implementing Alibaba Cloud’s solutions • How Alibaba Cloud’s solutions help Magic Video build a global hybrid enterprise network, accelerate content delivery of the application, and maximize bandwidth?
Tags : data center, cloud computing, networking, security, china, global expansion
     Alibaba Cloud SEA
By: AlienVault     Published Date: Oct 21, 2014
Two of the oldest and most common attacks used against web applications, SQL injection attacks and cross-site scripting attacks (XSS), continue to impact thousands of websites and millions of users each year. Finding these exposures quickly is essential in order to prevent system compromise and avoid information leakage. SIEM solutions can be invaluable in this effort by collecting and correlating the data you need to identify patterns that signal an attack.
Tags : alienvault, sql injection, web security, cyber attacks, siem solutions, xss, cross site scripting attacks, siem
     AlienVault
By: AWS     Published Date: May 25, 2018
Effective security for cloud-hosted web applications requires full visibility into the environment in which the apps live and the potential exposure to vulnerabilities — and to do so consistently, while proactively monitoring for attacks without causing delays in application development and delivery. Cloud adoption means that a focus on perimeter security is not sufficient and may even be obstructive, because it can impact application performance and availability. Similarly, relying on your cloud service provider’s security services is insufficient; any provider will tell you that securing the cloud environment is a shared responsibility between cloud service provider and customer, and the responsibility for specifically securing web applications is the sole responsibility of the customer. And although the industry as a whole has become better at protecting lower-level network and server resources, as attackers look for targets, they are moving up the application stack.
Tags : 
     AWS
By: AWS     Published Date: May 31, 2018
Effective security for cloud-hosted web applications requires full visibility into the environment in which the apps live and the potential exposure to vulnerabilities — and to do so consistently, while proactively monitoring for attacks without causing delays in application development and delivery. Cloud adoption means that a focus on perimeter security is not sufficient and may even be obstructive, because it can impact application performance and availability. By completing this form, I agree that I'd like to receive information from Amazon Web Services, Inc. and its affiliates related to AWS services, events and special offers, and my AWS needs by email and post. You may unsubscribe at any time by following the instructions in the communications received. Your information will be handled in accordance with the AWS Privacy Policy. https://aws.amazon.com/privacy/
Tags : 
     AWS
By: AWS     Published Date: Oct 07, 2019
Imperva, an APN Security Competency Partner, can help protect your application workloads on AWS with the Imperva SaaS Web Application Security platform. The Imperva high-capacity network of globally distributed security services protects websites against all types of DDoS threats, including networklevel Layer 3 and Layer 4 volumetric attacks—such as synchronized (SYN) floods and User Datagram Protocol (UDP) floods—and Layer 7 application-level attacks (including the OWASP Top 10 threats) that attempt to compromise application resources. Harnessing real data about current threats from a global customer base, both the Web Application Firewall (WAF) and DDoS protection, incorporate an advanced client classification system that blocks malicious traffic without interfering with legitimate users. Enterprises can easily create custom security rules in the GUI to enforce their specific security policy. In addition, this versatile solution supports hybrid environments, allowing you to manage th
Tags : 
     AWS
By: AWS     Published Date: Oct 07, 2019
DigiCert implemented Imperva to protect their hybrid environment. They were already using Imperva’s WAF on-premises to defend against Layer 7 attacks, known threats, and zero-day attacks to rapidly identify the threats that required investigation. By expanding their usage of Imperva, DigiCert was able to extend protection to AWS and maintain their security posture both during and after migration. Imperva’s sophisticated threat detection technology draws upon vast experience in the WAF market. As traffic passes through their network, advanced client classification technology (together with crowdsourcing and IP reputation data) automatically analyzes it to identify and block web application attacks. These include SQL injection, cross-site scripting, illegal resource access, comment spam, site scraping, malicious bots, and other top threats. Granular filters and controls reduce false positives and prevent access from unwanted visitors, while IP address shielding hides the web server’s IP
Tags : 
     AWS
By: Citrix Systems, Inc.     Published Date: Jan 19, 2016
Customers, employees and partners are more frequently accessing web-delivered services from their mobile devices. At the same time, attackers are constantly discovering new ways to compromise security, including advanced malware and application layer attacks. Without the right tools, you are vulnerable. NetScaler gives you the visibility and control to manage, accelerate, and secure all your web properties, so you can deliver both the service and security your users demand. To learn more about web security and NetScaler, read the full report: Defend Web Properties from Modern Threats with Citrix NetScaler
Tags : citrix, security, netscaler, web
     Citrix Systems, Inc.
By: Cyveillance     Published Date: Jun 20, 2014
Phishing is defined by the Financial Services Technology Consortium (FSTC) as a broadly launched social engineering attack in which an electronic identity is misrepresented in an attempt to trick individuals into revealing personal credentials that can be used fraudulently against them. In short, it’s online fraud to the highest degree. Although it’s been around for years, phishing is still one of the most common and effective online scams. The schemes are varied, typically involving some combination of spoofed email (spam), malicious software (malware), and fake websites to harvest personal information from unwitting consumers. The explosive rise of mobile devices, mobile applications, and social media networks has given phishers new vectors to exploit, along with access to volumes of personal data that can be used in more targeted attacks or spear phishing. The fact that phishing attacks are still so common highlights their efficacy and reinforces the need to implement comprehensive phishing and response plans to protect organizations. An effective phishing protection plan should focus on four primary areas: Prevention, Detection, Response, and Recovery. High-level recommendations for each of the four areas are outlined in this whitepaper.
Tags : cyveillance, phishing, security, cyberattacks, cybercriminals, threats
     Cyveillance
By: F5 Networks Inc     Published Date: Sep 14, 2018
When most people think of denial of service (DoS) attacks, they think of the large pipe-saturating distributed denial of service (DDoS) attacks aimed at the network layer. However, attacks on website or application availability are not just volumetric in nature. Many attacks are designed to cause resource exhaustion somewhere in the application stack, the application servers, middleware, or back-end database.
Tags : 
     F5 Networks Inc
By: IBM     Published Date: Aug 21, 2008
As businesses grow increasingly dependent upon Web applications, these complex entities are becoming more difficult to secure. Most companies equip their Web sites with firewalls, Secure Sockets Layer (SSL), and network and host security, but the majority of attacks are on applications themselves.
Tags : application security, web security, ibm, ibm mi, ibm grm, security
     IBM
By: IBM     Published Date: Sep 10, 2009
Read this Trend and Risk report from IBM® ISS X-Force® to learn statistical information about all aspects of threats that affect Internet security, including software vulnerabilities and public exploitation, malware, spam, phishing, web-based threats, and more!
Tags : ibm iss x-force threat and risk report, ibm, web-related security threats, spam and phishing, malware, cvss, top vendor list, web application vulnerabilities
     IBM
By: KEMP Technologies     Published Date: Aug 04, 2008
Small-to-medium sized businesses (SMB) are increasingly relying upon web-based applications and web-enabled services for running their business. Applications such as CRM, e-commerce transactions and other web-enabled applications are accessed both locally and remotely from outside the business facilities. These web-based applications are vulnerable to attacks from viruses, intrusions, and denial of service (DoS) attacks, as traffic comes into the network through various ports and firewalls without being inspected.
Tags : load balancer, load balancing, application delivery, ssl acceleration, application optimization, windows terminal services, terminal services, content switching
     KEMP Technologies
By: Limelight Networks     Published Date: Mar 02, 2018
Today, digital security is top-of-mind. From the boardroom to the backroom, everyone is asking the same questions, “How do we protect our digital experiences? How do we ensure our website is safe for our visitors? How do we make sure that no one can steal our content?” But safeguarding a digital experience isn’t a one-size-fits-all solution. It often involves multiple techniques and layers of security. From verifying your identity (with HTTPS) to encrypting sensitive data to restricting access and protecting multimedia content, you must approach security in a layered manner, employing multiple means and techniques to protect the digital content through which your audience interacts. This paper explores ten different methods and technologies that an organization can employ to protect its content. This multi-layered approach can effectively protect your digital content, ensure high availability, and maintain superior quality of experience for every digital visitor. You’ll learn: 10 s
Tags : content delivery network, cdn, cybersecurity, ddos, waf, web application firewall, distributed denial of service attacks, cloud security
     Limelight Networks
By: Lumension     Published Date: Jan 22, 2013
In this webinar, Randy Franklin Smith (Ultimate Windows Security) shows how application control is an important defense-in-depth measure that can provide detection and prevention of late-stage APT attacks.
Tags : endpoint management, security, compliance, patch management, file integrity monitoring, device control, detection, apt attacks
     Lumension
By: Qualys     Published Date: Apr 05, 2011
To help you understand how to minimize these risks, Qualys provides this guide as a primer to web application security.
Tags : web application security, qualys, vulnerabilities, sql injection, ssi injection, xpath injection, attacks, qualysguard was 2.0
     Qualys
By: Qualys     Published Date: Jan 11, 2017
When web applications are breached, enormous amounts of sensitive business data can be lost. According to Verizon’s 2014 Data Breach Investigations Report, web application attacks more than doubled in 2013 to become the #1 cause of security incidents
Tags : information security, it compliance, it audit, it security, network security, web application security, application security
     Qualys
By: Shape Security     Published Date: Sep 12, 2019
A Big 5 Canadian bank had been suffering from automated attacks on its web and mobile login applications for months. Bad actors were performing credential stuffing attacks on all possible channels. Not only were the attacks leading to account takeover fraud losses, but the sheer volume of attacks also put significant strain on the bank’s infrastructure. After months of playing cat-and-mouse with the attackers, the bank decided to seek out a sophisticated solution and approached Shape. In this case study, learn how Shape’s Enterprise Defense service and Threat Intelligence team were able to successfully defend against these attacks.
Tags : 
     Shape Security
By: SpyCloud     Published Date: Mar 30, 2018
Because of widespread password reuse, Account Takeover (ATO) attacks have become an extremely lucrative business for cybercriminals. Organized crime rings are performing ATO attacks at a massive scale by leveraging botnet-infected armies to attempt credential-stuffing attacks against various web and mobile applications. Cyber criminals exploit compromised accounts for financial gain by pilfering financial or personally identifiable information (PII) directly or by selling access to these accounts on underground markets. Download our report to understand: The Underground economy driving these attacks The tools criminals are using to automate ATO Remediation Strategies to prevent ATO in your organization
Tags : 
     SpyCloud
By: Symantec     Published Date: Apr 02, 2015
The discovery of the Heartbleed bug in April, 2014 exposed a serious vulnerability in OpenSSL, an open-source cryptographic library often used with applications and web servers like Apache and Nginx. This latest high profile, targeted attack allowed infiltrators access to the memory of web servers running vulnerable versions of the library. Heartbleed quickly compromised the privacy for communications applications on the Web such as e-commerce, banking, email, and instant messaging, and opened the door to the interception of user information, passwords, and identities. While the world now knows of the widespread havoc Heartbleed has caused to both businesses and individuals, it begs the question, “What happens when the next Heartbleed (or worse) comes along, and what can an organization do to weather yet another chapter in an all-too-familiar string of debilitating attacks?
Tags : heartbleed bug, openssl, communications applications, e-commerce, user information, passwords, security
     Symantec
By: Tenable     Published Date: Jan 25, 2019
"Web application attacks are the top source of data breaches today. The 2018 Cybersecurity Insiders Application Security Report reveals that 62% of cybersecurity professionals are at best moderately confident in their organization’s application security posture. Not surprisingly, about the same number consider their application security strategies immature.Applications play a critical role in supporting key business processes, but organizations are struggling to keep them safe. This eBook examines the 5 best practices for application security. Read this ebook now to understand: -Which types of apps present the highest security risk -Best practices for reducing security risks associates with web applications -Steps you can take now to secure web applications "
Tags : 
     Tenable
By: Veracode     Published Date: Oct 26, 2016
Web application attacks are now the most frequent pattern in confirmed breaches, and organizations know that application security is key to protecting their data. But many organizations lack the resources to develop a comprehensive AppSec program, and need to look to external services. Download this guide for a straightforward, four-step method for acquiring the services you need to support a comprehensive AppSec program.
Tags : veracode, application security, sans, security
     Veracode
By: Veracode     Published Date: Oct 28, 2016
Web application attacks are the most frequent pattern in confirmed breaches. But many security budgets don’t line up with this risk. Getting the budget for AppSec won’t be easy, but now is the time to make the case. Download this e-book to find out the reasons why AppSec is the most productive security spend.
Tags : veracode, security, devops, appsec
     Veracode
By: Webroot Inc     Published Date: Aug 27, 2015
In the past year, Webroot encountered tens of millions of instances of malware and potentially unwanted applications (PUAs), monitored billions of IP addresses and URLs, analyzed millions of new and updated mobile apps for malicious behavior, and studied major malware trends based on data from millions of endpoints. This report contains insights, analysis, and information on how collective threat intelligence can protect organizations from sophisticated attacks.
Tags : malware, unwanted applications, malicious behavior, threat intelligence, security
     Webroot Inc
Previous    1 2     Next   
Search Research Library      

Add Research

Get your company's research in the hands of targeted business professionals.

Related Topics