New Technologies in WebApp Sec

Webcast: SQL Injection Vulnerabilities Hidden in New Places

Why are your applications still suffering from SQL Injection Vulnerabilities? Even though we know so much about SQL Injection, we have a perfect storm brewing for serious security problems in many modern applications. The perfect storm is brewing because the younger generation of developers who are building these new applications in technologies like JSON, REST, […]

The Seven Deadly Sins

7 Deadly Sins: Unlock the Gates of Mobile Hacking Heaven

I’ve spent the past year hacking mobile applications in an effort to uncover the most common security mistakes made during development. I found that most of the problems are related to session management – the process of authenticating the user and ensuring an attacker isn’t impersonating a user or eavesdropping on the service. In most […]

Yahoo Fantasy Football

Mobile Application Security: Think Twice Before Placing Football Bets

Have you heard about the vulnerability in the Yahoo! Fantasy Football app? If Knowshon Moreno’s performance on Monday against the Oakland Raiders got you down, you might want to read this warning to fantasy football players: Don’t place any bets this season until you update your Yahoo! Fantasy Football mobile app. A hacker could be […]


Four Reasons Security Teams Can’t Stop SQL Injection Vulnerabilities

SQL injection vulnerabilities have threatened application security for years. So why are they still quite common, despite the fact that we, as an industry, should know how to prevent them? Clearly, if eradicating the vulnerability was contingent on understanding how to implement a technical fix, we would’ve done so by now. But the problem is […]

Prevent SQL Injection Using Parametrized Queries

Eight Reasons Why SQL Injection Vulnerabilities Still Exist: A Developer’s Perspective

Knowing how to prevent a SQL injection vulnerability is only half the web application security battle. A multitude of factors come into play when it comes to writing secure code, many of which are out of the developers’ direct control. That’s why common vulnerabilities like SQL injection continue to plague today’s applications, and why application […]

Vulnerability Management Solution from Denim Group and NT OBJECTives

Software development teams are under increasing pressure to deliver applications faster. Agile development processes support these efforts, but application security tools typically do not. They produce either reams of data or a summary report, leaving your security analysts to identify high-risk vulnerabilities and translate those into actionable tasks for developers. All of this delays time […]

Web Application Security Blog and Podcast