Decline in web application vulnerabilities? Interesting article and kind of funny. No responsibility is taken for the problem. One of the reasons for this disparity is that applications are built on new technologies that web…
We’re looking forward to our upcoming webinar with 451 Research Director, Wendy Nather next week on 5/2. Wendy and I will be discussing a trend we have noticed. More and more security executives are demanding…
Using Reverse Proxies To Secure Databases This study provides a unique technique to protect against SQL Injection. However, it is not a full proof solution and maintaining/updating queries using this method becomes cumbersome and difficult…
We’re very excited to announce a first-of-its kind partnership with the terrific people over at Core Security, a provider of predictive analytics security solutions and maker of Core Impact and Core Insight. Together, we will…
Another trends report for 2011 through Q1 2012 This report details the continued threat of vulnerabilities within web apps, mobile apps, and specific vulns with cloud-based implications. It’s fairly alarming to note from this report…
An ebay Site is Vulnerable to SQL Injection The eBay site in Southeast Asia is vulnerable to SQL Injection. https://www.upsploit.com/index.php/advisories/view/UPS-2012-0003 Sites such as ebay have certainly done a lot of internal security review and testing,…
The smell of melting Blackberries/iPhones/Droids. You have probably smelled it before. You began testing an application and forgot to blacklist the “Contact Us” page so everyone who receives an email for “Contact Us” gets pummelled…