Shape’s VP of Intelligence Center to Speak at Retail Cyber Intelligence Summit

| | Security Trends
Shape’s Vice President of Intelligence Center, Dan Woods, will present at the upcoming Retail Cyber Intelligence Summit on September 24-25, 2019, at the Four Seasons Hotel in Denver, Colorado. 2018 saw a ...

The War No One is Talking About

There is a war brewing in cyberspace. The general public is blissfully unaware, and very likely will remain so. The media, when it talks about cybersecurity, tends to focus on the breach ...
Healthcare CAPTCHA: The Cure that’s Worse than the Disease

Healthcare CAPTCHA: The Cure that’s Worse than the Disease

| | Security Trends
A healthcare insurer was forced to use a CAPTCHA. 70% of their aged patients could no longer refill their prescriptions. It was a complete disaster ...
10 Questions to Ask a Bot-Mitigation Vendor

10 Questions to Ask a Bot-Mitigation Vendor

| | Security Trends
You figured out that you have a bot problem. Maybe you have a high account takeover (ATO) rate, or someone’s cracking all your gift cards, or scraping your site. You tried to ...
Shape Connect

On The Launch of Shape Connect

| | Security Trends
The war against "fake" begins today, with the launch of Shape Connect ...
Do You Need a WAF, or Something Better than a WAF?

Do You Need a WAF, or Something Better than a WAF?

| | Security Trends
“The king is dead! Long live the king!” The jarring conflict embodied in this timeless hoorah is about to apply to the application security space. Subjects are giving up on the old ...

What your login success rate says about your threat surface

One of the problems with imitation attacks such as sophisticated credential stuffing is that they are designed to blend in with legitimate traffic. How can you measure something that you can’t detect? ...
5 Rando Stats from Watching eCrime All Day Every Day

5 Rando Stats from Watching eCrime All Day Every Day

| | Security Trends
David Holmes here, cub reporter for Shape Security. While I’m luxuriating in United Airlines steerage class, our crack SOC team is back at HQ slaving away over their dashboards as tidal waves ...
Testing Robustness

Extreme Cybersecurity Predictions for 2019

| | Security Trends
Prediction blogs are fun but also kind of dangerous because we’re putting in writing educated guesses that may never come true and then we look, um, wrong. Also dangerous because if we’re ...
Reverse Engineering JS by example

Reverse Engineering JS by example

| | Security Trends
flatmap-stream payload A In November, the npm package event-stream was exploited via a malicious dependency, flatmap-stream. The whole ordeal was written up here and the focus of this post is to use ...
Loading...