When an app's tech stack includes GraphQL, there is a new attack surface: batched attacks on GraphQL APIs. How can these apps be protected? Read more to find out.
We need to kick out the solutions that are no longer functioning to give ample room for advanced WAF solutions. Join us in this discussion.
Even web application APIs can be subject to race conditions. Check out where they can happen, such as in the cases of HTTP pipelining, splitting HTTP, and others.
Hundreds of millions of people using everyday platforms could be at risk. One of the most popular server-side web programming languages, Hypertext Preprocessor (PHP), was discovered to be at high risk for attacks. Patches for high-severity vulnerabilities have been released. Without a protective system like a smart WAF or a patch in place, those vulnerabilities could open the door for remote attacks that compromise servers through arbitrary code execution.
Understand WAFs and cybersecurity. Recent WAF-based breaches with Capital One, Imperva, and Cloudflare offer essential lessons about where WAF technology is failing us and what we can do to improve our security.
Modern-day cyberattacks keep growing in sophistication and sheer volume. This dynamic makes it virtually impossible to detect and block all attacks using the traditional methods of comparing incoming requests to known attack signatures. To effectively operate in this new aggressive cyberthreat environment, it is paramount that IT operations, developers, and DevSecOps adopt a proactive defense mindset. Threat hunting is all about having that powerfully proactive mindset. The underlying goal of threat hunting is to detect,…
