Single Page Application security help
Tuesday, October 23, 2018 by Richard Harris
Single-page applications, or SPAs, are web apps that load a single HTML page and dynamically update that page as the user interacts with the app. Their origins are unclear but the concept was discussed as early as 2003 according to the archives on Wiki. SPAs use AJAX and HTML5 to create fluid and responsive Web apps, without constant page reloads - that literally means,...
Tips for securing container deployments
Friday, September 1, 2017 by Richard Harris
Container deployments are still susceptible to the regular threats that other types of deployments are - including DDoS and cross-site scripting attacks. In fact, hackers often take advantage of compromised containers to scan sensitive data, download malware, or privilegeunauthorized access to any of your containers, hosts or data centers.Fei Huang is the CEO of NeuVect...
Cloud native app firewall Twistlock 2.1 launches
Monday, July 17, 2017 by Christian Hargrave
Twistlock, a provider of cloud container security solutions, has announced the availability of Twistlock 2.1. The latest release of their flagship product includes a first of its kind cloud native app firewall, vulnerability risk ranking that uses knowledge of an enterprise’s unique environment to prioritize what to fix first, a brand new dashboard and integrated secret...
The hottest skills needed in the freelance job market to get hired
Thursday, May 4, 2017 by Richard Harris
Upwork has released its newest quarterly index of the hottest skills in the U.S. freelance job market. The Upwork Skills Index ranks the site’s 20 fastest-growing skills and is part of a quarterly series that sheds light on new and emerging skills freelancers are providing. According to a recent report, nearly half (49%) of hiring managers use freelancers to access skil...
How NGINX could overpower Microsoft soon
Thursday, April 13, 2017 by Richard Harris
In 2016, NGINX experienced their largest gains as a web server vendor, having increased by 4.8 million active sites and 2.85 percentage points. Netcraft believes that if these trends continue in 2017, NGINX could possibly overtake Microsoft as the second largest vendor in the second half of the year.In a recent conversation with Faisal Memon, Product Marketing at NGINX,...
Scanning JavaScript for vulnerabilities: How the impossible is now possible
Friday, January 13, 2017 by Matt Howard
Javascript is everywhere, and it's awesome! But the world most popular language can be riddled with problems if you aren't a careful programmer.There is a saying that speaks to the incredible popularity of JavaScript as a programming language and it goes like this: “any application that can be written in JavaScript, will eventually be written in JavaScript.” The we...
Security First: 5 tips for building a secure mobile app from the ground up
Wednesday, October 5, 2016 by Karen Sittig
With more than two billion smartphone users worldwide, the app market has exploded — along with risks. Mobile app developers are still struggling to make security a priority and by 2017, cyber-attacks via vulnerable apps are anticipated to account for 75% of all mobile security breaches. Given what's at stake, it's critical that developers build apps that are &ldq...
WhiteHat Web Applications Security Statistics Report Highlights Chronic Vulnerabilities
Sunday, June 12, 2016 by Stuart Parkerson
WhiteHat Security has released its eleventh annual Web Applications Security Statistics Report which was compiled using data collected from tens of thousands of websites to analyze vulnerabilities, remediation rates and risk levels. The report reveals that on average, the majority of web applications exhibit two or more serious vulnerabilities per application for every ...
Five Common Mobile App Security Vulnerabilities And How to Fix Them
Saturday, April 30, 2016 by Seth Jaslow
Mobile app security leaves much to be desired. That was the conclusion of a 2016 Hewlett Packard Enterprise (HPE) study which found that a staggering 96 percent of 36,000 mobile apps failed at least one of 10 privacy checks. Three years ago, a similar HPE study found that 97 percent of 2,000 apps reviewed held insecure private information. As mobile app usage conti...
86 Percent of PHP Based Applications Contain at Least One CrossSite Scripting Vulnerability
Tuesday, December 8, 2015 by Stuart Parkerson
Veracode is reporting that its analytics show 86 percent of PHP-based applications contain at least one Cross-Site Scripting (XSS) vulnerability and 56 percent have at least one SQL injection (SQLi) when initially assessed by Veracode. The analysis is part of a supplement to Veracode’s “2015 State of Software Security: Focus on Application Development”, which is a repor...
Why DDoS Attacks Have Doubled in the past Year
Saturday, August 22, 2015 by Stuart Parkerson
Akamai Technologies has released its Q2 2015 State of the Internet – Security Report. This quarter’s report, which provides analysis and insight into the global cloud security threat landscape. Most notably, the data show the threat posed by distributed denial of service (DDoS) and web application attacks continues to grow each quarter.John Summers, vice president, Clou...
Contrast Security Release New Enterprise Application Security Platform
Tuesday, June 9, 2015 by Stuart Parkerson
Contrast Security has release Contrast Enterprise, a new application security product to integrate defenses across development and operations, offering vulnerability assessment, security visibility and attack protection throughout the application lifecycle. Contrast Enterprise offers Runtime Application Self-Protection (RASP), which provides deep security instrumen...
Checkmarx Releases New CxRASP Platform Offering Runtime Application Self Protection
Friday, February 6, 2015 by Stuart Parkerson
Checkmarx has announced the launch of its Runtime Application Self-Protection (RASP) solution, CxRASP, which utilizes two-point instrumentation technology to continuously observe an app’s bidirectional data flow, enabling the detection and defense against real-time attacks.CxRASP is the latest addition to the Checkmarx Application Security Hub which provides solutions f...
HP Launches Cloud Managed Application Self Protection Service
Friday, September 12, 2014 by Stuart Parkerson
HP has introduced HP Application Defender, a cloud-managed application self-protection service that provides immediate visibility and actively defends production applications against attacks.As HP said in the recent announcement, “As the number and complexity of enterprise applications grows, the attack surface for exploits increases exponentially, leaving enterpri...
Adobe Launches New ColdFusion 11 Enterprise Edition for Deploying Web and Mobile Apps
Wednesday, May 7, 2014 by Richard Harris
Adobe has made available Adobe ColdFusion 11 Enterprise Edition, an all-in-one application server that offers developers a single platform to build and deploy scalable, web and mobile applications in enterprise environments. It includes new features to speed up development, testing, debugging, and deployment of mobile applications. ColdFusion 11 now provides f...
