Understanding Web Application Penetration Testing
Today's security technologies fail to detect true zero day attacks, K2 has a video that explains why these security technologies fail to protect against zero day attacks and the need for deterministic security. The post Understanding Web Application Penetration Testing appeared first on K2io ... Read More
What is RASP? And Why Should You Care?
Runtime Application Self-Protection or RASP was first introduced in 2012 as a security category by Gartner, but didn’t gain attention until 2014, during the Gartner Security and Risk Management Summit. The product category RASP describes products that run directly on the server and protects the applications that are running on ... Read More
CRN’s 12 Biggest Cloud Threats and Vulnerabilities in 2020
CRN published a new list of the 12 Biggest Cloud Threats and Vulnerabilities at the beginning of June 2020. One of the main recurring themes in CRN's list of 12 cloud threats and vulnerabilities though is misconfiguration. The post CRN’s 12 Biggest Cloud Threats and Vulnerabilities in 2020 appeared first ... Read More
Majority of Cyber Attacks Go Undetected
A new report from Mandiant, the Mandiant Security Effectiveness Report 2020, has some interesting new statistics around cyber attacks and attack detection. The post Majority of Cyber Attacks Go Undetected appeared first on K2io ... Read More
Learning More About SQL Injection
For a threat that's been around since the inception of the OWASP Top 10 list, it should be troubling that 26 percent of all small businesses have suffered from a SQL Injection attack in the last year, yet according to a recent article it remains one of the least-talked about ... Read More
Feel Ready for a Disaster? You’re Probably Not
A new Infrascale Survey reports that most small and medium businesses (SMBs) think they're ready for a disaster, but that at the same time, those same organizations lack disaster recovery plans The post Feel Ready for a Disaster? You’re Probably Not appeared first on K2io ... Read More
FBI Predicts Increased Use of Mobile Banking Apps Will Increase Cyber Attacks
The FBI just released a new Alert # I-061020-PSA, warning the public that as they increase the use of mobile banking applications (partly due to the increased forced time at home from the COVID-19 restrictions), they should expect more exploit attempts by cyber actors. The post FBI Predicts Increased Use ... Read More
80% of Organizations Experienced a Cloud Data Breach in the Last 18 Months
A new article in Help Net Security covers a recent survey of 300 CISOs. In the survey CISOs revealed that nearly 80% of the companies had experienced at least one cloud data breach in the past 18 months The post 80% of Organizations Experienced a Cloud Data Breach in the ... Read More
Ways to Detect Application Security Vulnerabilities Sooner to Reduce Costs and Risk
Traditional testing measures often occur too late in the process to effectively find and fix vulnerabilities before causing costly production delays, or worse, putting organizations at risk for potential security breaches. The post Ways to Detect Application Security Vulnerabilities Sooner to Reduce Costs and Risk appeared first on K2io ... Read More
Learning More About Cross Site Scripting
Cross-site scripting has been around longer than most security professionals have been on the job. Why is it still such an issue when we've known about it for so long? The post Learning More About Cross Site Scripting appeared first on K2io ... Read More