owasp

owasp news search results

Developer news items we found relating to owasp

22 results
API-security-risks-report-exposes-Netflix-and-Wordpress

API security risks report exposes Netflix and Wordpress


Monday, November 27, 2023 by

Wallarm, the end-to-end API and app security company, announced the release of its Q3-2023 Wallarm API ThreatStats report. The quarterly report details the surge in threats centered around APIs and uncovers critical vulnerabilities, like injections and API data leaks, that have recently impacted leading firms, including Netflix, VMware, and SAP. The new report i...


5-mistakes-businesses-make-in-application-development

5 mistakes businesses make in application development


Friday, October 23, 2020 by

5 Mistakes Businesses Make While Prioritizing Speed Over Security in Application Development Earlier this year, the Democratic party in Iowa announced its plans to use a smartphone app to calculate and transmit their caucus results. One would think that by using technology to improve the speed of governance, what could possibly go wrong? A lot, apparently. The a...


Most-cryptocurrency-mobile-apps-are-vulnerable

Most cryptocurrency mobile apps are vulnerable


Thursday, November 30, 2017 by

Over 1,300 crypto currencies exist today with over $300 Billion market capitalization. One of the most popular and oldest cryptocurrency - Bitcoin has almost reached $10,000 price after several months of fluctuation, but continuous and steady growth.A wide spectrum of mobile applications for cryptocurrencies were released during the last few years by various startups, i...


Rethinking-DevOps-as-DevSecOps

Rethinking DevOps as DevSecOps


Thursday, October 12, 2017 by

If you’re not already thinking right now that your DevOps teams should be run like a DevSecOps team, you may already be in a world of hurt. Time to wake up! As the adoption of APIs continues to grow, so do the risks to organizations that don’t actively test the security of their solutions. Modern Agile development frameworks have changed the way engineering teams produc...


Improve-mobile-app-security-by-turning-it-into-code

Improve mobile app security by turning it into code


Monday, May 8, 2017 by

Why is application security such a pain? One of the hard problems with application security is that there are a zillion different ways that things can go wrong. Far more than any one person can be expert in. It's unfair to think that a software developer, who is already supposed to be expert in all the latest software languages, frameworks and best practices, should als...


ImmuniWeb-Mobile-launches-to-offer-better-mobile-security-testing

ImmuniWeb Mobile launches to offer better mobile security testing


Wednesday, March 15, 2017 by

High-Tech Bridge announces the launch of ImmuniWeb Mobile as part of ImmuniWeb Application Security Testing Platform. The new offering will provide comprehensive assessment of iOS and Android mobile applications, mobile infrastructure backend and data channel encryption. All ImmuniWeb Mobile packages are provided with a zero false-positives SLA. The mobile application s...


Webscale-launches-new-WAF-to-thwart-attacks-on-eCommerce-sites

Webscale launches new WAF to thwart attacks on eCommerce sites


Thursday, March 2, 2017 by

Webscale has announced the launch of their Cloud Web Application Firewall (WAF), the first of a new line of a-la-carte solutions designed to address the pain points many businesses face with regards to the security, availability and performance of their critical web applications. While the market is flush with WAF solutions that combat malicious attacks at the edge of a...


80-percent-of-web-apps-have-security-flaws

80 percent of web apps have security flaws


Tuesday, February 14, 2017 by

Data collected by Contrast Labs has revealed that sensitive data exposures, which include missing and weak encryption, are the top vulnerability plaguing 69 percent of web applications and accounting for 26 percent of all vulnerabilities. Their research has also found that 80 percent of tested software applications had at least one vulnerability, with an average of 45 v...


Security-First:-5-tips-for-building-a-secure-mobile-app-from-the-ground-up

Security First: 5 tips for building a secure mobile app from the ground up


Wednesday, October 5, 2016 by

With more than two billion smartphone users worldwide, the app market has exploded — along with risks. Mobile app developers are still struggling to make security a priority and by 2017, cyber-attacks via vulnerable apps are anticipated to account for 75% of all mobile security breaches. Given what's at stake, it's critical that developers build apps that are &ldq...


Synopsys-Makes-Updates-to-its-Seeker-Runtime-Security-Analysis-Tool

Synopsys Makes Updates to its Seeker Runtime Security Analysis Tool


Monday, August 8, 2016 by

Synopsys has released the latest version of its Seeker runtime security analysis solution. Seeker analyzes web application code and data flows at runtime using a technique known as an Interactive Application Security Testing (IAST), which detects and confirms exploitable security vulnerabilities and provides insight that allows developers to address their root causes. T...


WaveMaker-Adds-Security-Enhancements-to-Its-Rapid-Application-Development-Platform

WaveMaker Adds Security Enhancements to Its Rapid Application Development Platform


Friday, July 15, 2016 by

WaveMaker has announced two new security enhancements to its enterprise-class Rapid Application Development platform. The WaveMaker platform now supports Single Sign-on for WaveMaker-built and deployed applications using Central Authentication Server (CAS), which permits users to access multiple applications by providing credentials such as UserID and password only once...


Five-Common-Mobile-App-Security-Vulnerabilities--And-How-to-Fix-Them

Five Common Mobile App Security Vulnerabilities And How to Fix Them


Saturday, April 30, 2016 by

Mobile app security leaves much to be desired. That was the conclusion of a 2016 Hewlett Packard Enterprise (HPE) study which found that a staggering 96 percent of 36,000 mobile apps failed at least one of 10 privacy checks. Three years ago, a similar HPE study found that 97 percent of 2,000 apps reviewed held insecure private information. As mobile app usage conti...


Security-Brief--Protecting-Against-the-OWASP-Mobile-Top-10

Security Brief Protecting Against the OWASP Mobile Top 10


Thursday, January 7, 2016 by

There are over 1.6 million Android apps in the Google Play store. Over 1.5 million apps are in the Apple App Store. For mobile app hackers, today’s mobile environment has never offered a more fertile landscape to phish for user information or implant mobile malware. And never in history has more information been available to exploit.To understand how mobile application ...


86-Percent-of-PHP-Based-Applications-Contain-at-Least-One-CrossSite-Scripting-Vulnerability

86 Percent of PHP Based Applications Contain at Least One CrossSite Scripting Vulnerability


Tuesday, December 8, 2015 by

Veracode is reporting that its analytics show 86 percent of PHP-based applications contain at least one Cross-Site Scripting (XSS) vulnerability and 56 percent have at least one SQL injection (SQLi) when initially assessed by Veracode. The analysis is part of a supplement to Veracode’s “2015 State of Software Security: Focus on Application Development”, which is a repor...


Axway-Launches-New-API-Security-Offerings

Axway Launches New API Security Offerings


Friday, September 25, 2015 by

Axway has made a number of updates to in its release of Axway 5 Suite API Management, release 7.4.1 including built-in API Firewalling capabilities. The Axway 5 Suite API Management platform provides companies with an enterprise-grade API management and security platform offering the ability to protect against malicious attacks, including Denial of Service (DoS), c...


AppSecUSA-Security-Conference-to-Delve-Into-Application-and-Cloud-Security

AppSecUSA Security Conference to Delve Into Application and Cloud Security


Friday, September 11, 2015 by

There is still time to participate in OWASP's 12th Annual AppSecUSA Security Conference designed for developers and security experts focusing on application and cloud security. The conference will be held in San Francisco on September 24-25 and a separate two day training program will be offered September 22-23.Held at the Hyatt Regency San Francisco, more than 40 speak...


An-Analysis-of-the-Starbucks-Cyber-Attack-and-How-To-Stay-Protected

An Analysis of the Starbucks Cyber Attack and How To Stay Protected


Wednesday, June 10, 2015 by

How much is a cup of coffee really worth? Several weeks ago, many Starbucks customers began reporting their Starbucks card balance emptied and then topped again. On May 13th, Starbucks released a written statement  denying the un-authorized activity was a result of a hack or an intrusion to its servers or mobile app. But the hard facts show that indeed customers ha...


Contrast-Security-Release-New-Enterprise-Application-Security-Platform

Contrast Security Release New Enterprise Application Security Platform


Tuesday, June 9, 2015 by

Contrast Security has release Contrast Enterprise, a new application security product to integrate defenses across development and operations, offering vulnerability assessment, security visibility and attack protection throughout the application lifecycle. Contrast Enterprise offers Runtime Application Self-Protection (RASP), which provides deep security instrumen...


MetaIntelli-and-Arxan-Technologies-Partner-to-Identify-and-Mitigate-Mobile-Apps-Security-Threats

MetaIntelli and Arxan Technologies Partner to Identify and Mitigate Mobile Apps Security Threats


Sunday, November 16, 2014 by

MetaIntelli and Arxan Technologies have partnered together to provide mobile app developers with a comprehensive approach to identify and mitigate mobile apps against security and privacy risks with nonstop protection. The two companies bring together complementary technologies that leverage MetaIntelli’s intelligent, autonomic cloud based mobile app risk identific...


HP-Internet-of-Things-Study-Shows-Majority-of-IoT-Devices-Contain-Serious-Vulnerabilities

HP Internet of Things Study Shows Majority of IoT Devices Contain Serious Vulnerabilities


Monday, August 4, 2014 by

HP has released new research, The Internet of Things State of the Union Study, which reveals that 70 percent of the most commonly used Internet of Things (IoT) devices contain serious vulnerabilities. The study is an outgrowth of HP’s OWASP Internet of Things Top 10 Project. The projects goal is to educate the IT community on the main facets of Internet of Things s...


Spirent-Offers-New-SaaS-Vulnerability-Scanning-and-Load-Testing-Platform

Spirent Offers New SaaS Vulnerability Scanning and Load Testing Platform


Tuesday, May 6, 2014 by

Spirent Communications, a provider of network, devices and application testing solutions, has launched ArmorHub, a cloud-based vulnerability scanning service for website owners, application developers, and API managers.ArmorHub, together with Blitz.io, delivers a set of cloud-based services for security assessment and load testing offered as a subscription-based Softwar...


Coverity-Releases-New-Version-of-Enterprise-Development-Testing-Platform

Coverity Releases New Version of Enterprise Development Testing Platform


Wednesday, January 8, 2014 by

Coverity has announced the availability of the Coverity Development Testing Platform 7.0, the next-generation of its software testing platform.The platform enables testing for cloud, mobile and web-based application development in Enterprise IT organizations. The new version of the Coverity Development Testing Platform is an enterprise-scale solution which combines...