Tag

Waf

Browsing

Security products have their own security issues, which can affect products that they were designed to secure. It’s not a recursive loop, but the reality. WAFs there are not an exclusion. You can remember CloudFlare self-DoS that happened last year (https://blog.cloudflare.com/details-of-the-cloudflare-outage-on-july-2-2019/) because of an issue in RegExp signature they applied. Or Imperva’s data breach that disclosures API keys of their clients https://krebsonsecurity.com/2019/08/cybersecurity-firm-imperva-discloses-breach/ The latest thing with ModSecurity (https://www.secjuice.com/modsecurity-vulnerability-cve-2019-19886/) is another one example of how it’s…

Traditional WAFs speak to bigger adoption problems for technologists, innovators, and businesses. Making a decision in today’s marketplace is like being a kid in a toy store. There are so many options that excitement quickly turns to settling on a familiar choice, so it’s no surprise that businesses are settling for subpar solutions from familiar brands. In a time when customers are overstimulated by a nauseating flurry of new ideas, over-promises, and social media marketing…

GraphQL is an alternative to the REST concept that allows working with the data in a more structured and object-oriented way. This technology is very famous and used by many enterprise companies such as Facebook, Walmart, Intuit among other. Whether you know it or not, GraphQL has a significant impact on your business. Many products you rely on, such as GitLab, New Relic, and WordPress use GraphQL under the covers. In this series of articles,…

Online businesses have to be careful. It’s a dangerous world, full of anonymous people and services wearing digital skins. It sounds horrific because it is. On the other side of a transaction, could be anyone. Extra measures have to be made to secure web interfaces and API endpoints that online businesses depend on.