In web application security, a false positive is when a security scanner indicates that your website has a vulnerability, but in reality, there is nothing there to fix. Security professionals chase endlessly, looking for non-existent cyberattacks which can be leading cause of burnout among security professionals.

more →

Financial services organizations are where the money is, and as such will always be prime targets for cybercrime. For many financial institutions, this bot traffic can account for more than half of their overall website traffic — covering both good bots engaged in essential business tasks to bad bots performing malicious activities.

more →

This month we are sharing a blog from our security partner Oracle Dyn that takes a look at dealing with DDoS attacks.

If a DDoS attack hasn’t happened to your organization yet, odds are one will eventually. So it’s crucial to familiarize yourself with DDoS attack mitigation best practices.

more →

This month we are sharing a blog from our security partner Radware that takes a look at recent attacks on the financial services industry.

Over the last few weeks, Radware has been tracking a significant Credential Stuffing Campaign targeting the financial industry in the United States and Europe.

more →

This month we are sharing a blog from our security partner Oracle + Dyn that takes a look at web application security and what lies ahead.

Websites and apps are increasingly under attack, so effective web application security must be a top priority.

Before 2008, data breaches were somewhat rare, and most occurred because of human error, such as the loss of a laptop, a USB drive, or some other media.

more →

A WAF, standing for a Web Application Firewall, serves the purpose of protecting one or more web applications from being breached. They are widely deployed amongst businesses to help keep company records and customer information secure. Gartner notes that customers characterised WAFs as regularly being ‘frustrating’ and ‘a disappointment’. As the web becomes more complex, it’s becoming increasingly difficult for hardware vendors to meet existing and evolving requirements, such as moving web applications to cloud infrastructure (IaaS).

more →

Web and mobile application cyber-attacks are on the increase, with Forrester reporting that 40% of all security breaches are aimed at these services.[1] Even more worryingly, attacks specifically targeting secure Web services such as e-commerce are particularly on the rise, with Arbor Networks recently reporting “a massive increase over last year”.[2]

It is not surprising that cybercriminals are targeting web-based applications.

more →