Even web application APIs can be subject to race conditions. Check out where it can happen such as the cases of HTTP pipelining, splitting HTTP and others.
When a security researcher found an unusual PHP script while solving an hCorem Capture the Flag task, it reveal hundreds of millions of users are vulnerable to attack. Learn the deep tech.
When it comes to XXE issues, hackers have multiple ways to take advantage of WAF configurations. We are going to show you four ways hackers trick WAFs, sneaking XXE issues past their defenses. 4 hacker XXE methods for bypassing WAFs: Extra document spaces Invalid format Exotic encodings One doc: two types of encoding Once you understand the issue, you should be able to restore the fire to your defenses. We will show you how. A…
If you are a SecOps or DevOps professional on the west coast you can not miss the premier California application security event: AppSec California, January 22–25th in Santa Monica. Here are testimonials from the previous AppSec Cali events: “I’m looking forward to AppSecCali next week. Last year was awesome. This year looks even better!” — @jeremiahg “I think AppSecCali was one of the best conferences I have been to. Talks were good. Venue was awesome and atmosphere…
By Renata Budko, Wallarm Last week I spent a few days in Las Vegas with the great folks at the Gartner IT Infrastructure, Operations & Cloud Strategies Conference. Gathered for the conference there were experts around the world from analysts to VPs to infrastructure and operations leaders to C-suite executives all looking for insights into cloud, IoT, security, artificial intelligence, automation and machine learning. To me, the mantra is to accelerate innovation in a hybrid…
This month Wallarm has partnered with GigaOm to help our DevOps customers better understand the industry landscape and strategies to address the challenges of doing things the agile way. GigaOm’s perspective is that of the unbiased enterprise practitioner. GigaOm works directly with enterprises both inside and outside of the IT organization to apply proven research and methodologies designed to avoid pitfalls and roadblocks while balancing risk and innovation. Research methodologies include but are not limited…