Applications and products using older versions of TLS are under-secured and vulnerable.
WAF-as-a-Service
Why do web application firewalls appear so complex?
Many web application attacks have been successful because they targeted improperly configured web application firewalls (WAFs). One of the most popular attacks, SQL injection (SQLi), isn’t new, yet many organizations don’t seem to have learned anything since Heartland Payment Systems was successfully hacked in 2008 using SQL injection. Heartland was the sixth-largest payments processor in the U.S. at the time, and the breach compromised millions of business and personal credit/debit accounts.
Sending forget-me-nots on the importance of HTTPS
All US government sites will soon be preloading HSTS for added security against threats like man-in-the-middle attacks. Here's how it all works.