Tag

Threat Intelligence

Browsing

In the digital era, financial institutions serve an increasing number of customers through web and mobile applications. Fintech maintains online security, and OWASP offers pieces of the puzzle to address the challenges. We CAN solve these challenges by leveraging the OWASP community knowledge base to secure the financial sector. On May 21st, 2020, I had the honor to dive into these challenges from multiple perspectives with my two guests, Vandana Verma and Victor Gartvich. We…

Modern-day cyberattacks keep growing in sophistication and sheer volume. This dynamic makes it virtually impossible to detect and block all attacks using the traditional methods of comparing incoming requests to known attack signatures. To effectively operate in this new aggressive cyberthreat environment, it is paramount that IT operations, developers, and DevSecOps adopt a proactive defense mindset. Threat hunting is all about having that powerfully proactive mindset. The underlying goal of threat hunting is to detect,…

Understanding Your Monthly Security Reports When we first starting a conversation with our prospects, we are frequently asked, “Just how will I know that Wallarm is working?” To help answer that, let’s take a look at the report we sent to one of our customers last week to understand what kind of threats Wallarm defends agains. Wallarm customers get this kind of detailed report weekly — just to keep track of the state of affairs. In addition, they…

With all the time and resources we allocate to finding application vulnerabilities it’s easy to forget that 3rd party libraries and software can introduce vulnerabilities into our applications as well. Hackers know this and they try to exploit them. In this blog post we will illustrate a vulnerability found within one of the LinkedIn services. The security issue was discovered in December 2015 and was fixed within 24 hours by the LinkedIn team. What is XXE…