How to Overcome the Shortfalls of Web Application Security Scanners when Testing Mobile & Rich Internet Applications

You’ve built a custom rich internet application that is sure to become your business’ next major revenue stream. Conscious of security, you’ve ensured that the native application authenticates to the server, and you’ve run the…

Full Article →

Why the Bitcoin Intrinsic Value Complaint is Irrelevant

In the aftermath of the Mt. Gox meltdown and subsequent bankruptcy filing, I have been reading a lot of commentary on Bitcoin. Even Paul Krugman has weighed in (against Bitcoin). Much of the criticism of…

Full Article →

Web Application Security Testing for Complex Workflows. Not so Complex Anymore.

Conducting web application security testing for complex workflows can be a real pain. In order to find vulnerabilities, valid test data must be passed through exactly as the workflow prescribes. Most web application security testing…

Full Article →

An Information Security Place Podcast – 01-22-14

Jim, Dan, and Michael have a lot of catching up to do. We talk about a lot of stuff because a lot of stuff has been happening. From RSA, NSA, QSAs… security is busy! Show notes…

Full Article →

HO-FFL 2013 Wrap up

The season is over! It was fun to play with all that participated and I got to have some fun conversations about football & the week by week activity that took place. I am looking…

Full Article →

An Open Letter to Barack Obama: If You aren’t Sure of Health Exchange Security, Shut it Down Now

Stability in Only the First Issue – Security Will Be Healthcare.gov’s Real Achilles Heel There has been a significant amount of attention to the the problems of the Obamacare website. While these problems are certainly…

Full Article →

If at first you don’t succeed, you’re hosed: The criticality of authentication in web scanning

We appreciate Kevin Beaver’s recent blog post about NTOSpider’s unique ability to authenticate on some of the trickiest applications and stay properly logged-in throughout the scan. At NTO we take pride in helping our customers by solving the automation problems that…

Full Article →

Webcast: SQLInjection Vulnerabilities Hidden in New Places

Why are your applications still suffering from SQL Injection Vulnerabilities? Even though we know so much about SQL Injection, we have a perfect storm brewing for serious security problems in many modern applications. The perfect…

Full Article →

7 Deadly Sins: Unlock the Gates of Mobile Hacking Heaven

I’ve spent the past year hacking mobile applications in an effort to uncover the most common security mistakes made during development. I found that most of the problems are related to session management – the…

Full Article →

HO-FFL Update

We are now in the middle of week 4, but I want to catch everyone up on whats been happening. First of all, I am currently ranked 10th in our 12 team league. Wow, that’s…

Full Article →

Page 1 of 2312 3 4 5 6 Next ›Last »