CISO August 5, 2019

4 Questions CISOs Need to Ask About Enterprise Cybersecurity

4 min read - It's not always easy to ask the hard questions about enterprise cybersecurity. Here are four questions that CISOs need to answer to boost infosec impact.

Application Security July 6, 2018

What’s the Best Strategy to Manage Application Security Risk?

2 min read - To protect their organizations from threat actors targeting software vulnerabilities, security leaders should adopt an integrated approach to application security risk management.

April 19, 2018

94 Percent of Web Applications Suffer From High-Severity Vulnerabilities

2 min read - A recent report revealed that 94 percent of all web applications suffer from high-severity software vulnerabilities, 85 percent of which are exploitable.

Application Security March 23, 2018

An Introduction to HTTP Response Headers for Security

3 min read - HTTP response headers aim to help protect web applications from cross-site scripting (XSS), man-in-the-middle (MitM) attacks, clickjacking, cross-site request forgery and other threat vectors.

September 28, 2017

Mobile Stock Trading Apps Vulnerable to Attack

2 min read - Over 20 mobile apps commonly used for stock trading are not very secure, according to recent security research.

Application Security July 10, 2017

A Primer on Cross-Site Scripting (XSS)

2 min read - XSS is a prevalent web-based exploit in which threat actors inject malicious code into webpages to compromise data or facilitate phishing scams.

July 6, 2017

Mozilla Still Finds Failures in Website Security, Survey Shows

2 min read - More than 90 percent of the top 1 million websites have failed to adopt adequate website security controls to protect against XSS, MitM attacks and more.

Application Security March 13, 2017

Inside the Mind of a Hacker: Attacking Web Pages With Cross-Site Scripting

5 min read - Web application developers must learn to think like cybercriminals to combat the growing threat of cross-site scripting (XSS) attacks.

September 29, 2016

Extermination Effort: New Content Security Policy Tools Target XSS Cockroach

2 min read - Google recently introduced new tools for developers to help them create a better web content security policy. Specifically, the initiatives should target cross-site scripting (XSS) vulnerabilities, which Threatpost said are the “cockroach of web application security,” forever skittering away into…

September 13, 2016

Portable Problems? New Vulnerability Report Sparks Hacker Hunt

2 min read - A vulnerability report is designed to alert vendors of potential security issues, but it can also help cybercriminals identify weak spots to attack.