web app security
7 Common Web App Security Vulnerabilities Explained
Web applications have increasingly become the backbone of many businesses, but also, unfortunately, major targets for cyberthreats ...
Why Generative AI is a Threat to API Security
Generative AI can be used to amplify cybercriminals' nefarious deeds against web applications, especially those that rely heavily on APIs ...
Essential Web Application Security Checklist
A web application or web app is an application that runs on a remote system and is delivered over the internet through a browser. The major components in a web application are ...
Palo Alto Networks Expands Web App and API Security Options
Palo Alto Networks has added an out-of-band option for securing web applications and application programming interfaces (APIs) to its Prisma Cloud service. In addition, Palo Alto Networks has added an agentless capability ...
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of March 28, 2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us ...
It Was The Best Of Times, It Was The Worst Of Times…A Tale of Two Passwords
Two of the characters in Charles Dickens’ beloved novel, A Tale of Two Cities have such similar features that their identities are swapped. No one notices. One escapes and reunites with his ...
How to configure BurpelFish
I recently was doing a pentest and was continuously looking up translations for words, and thought “there has to be a better way…”. That is when I landed on BurpelFish, which adds ...
Code Itself Is a Growing Security Threat
As the pace of digitization across the global economy accelerates, companies are creating more and more software. This is putting greater pressure on internal teams to deliver on schedule, within budget and ...
HTTP Request Smuggling: A Primer
One of the security issues you might face with your website or web app is request smuggling.HTTP request smuggling is a security vulnerability that allows an attacker to interfere with the way ...
Waving the White Flag: Why InfoSec should stop caring about HTTPOnly
As a company that is constantly working with our penetration testing clients on understanding where they should focus their efforts, qualifying risk is second-nature to us. On one hand, we never want ...
