ImmuniWeb Security Blog | Page 23

As Yelp launches a public bug bounty program we take a look at some success metrics, and how they apply to wider enterprises.

False positives can seriously ruin your day, and can cost enterprises serious money. Highlighted by a recent example, we share some key tips on how to mitigate false alerts.

Famous cybercrime groups and hacktivists “brands” may be a smokescreen to cover sophisticated insider attacks.

Can Bug Bounty programs be a cost-efficient complement for security testing of modern web applications?

Infosecurity Europe 2016 highlighted a great variety of emerging cybersecurity threats. Keeping things simple can help CISOs a lot.

Web application security is a very hot topic these days. What shall CISOs do with the related risks?

Yet another Padding Oracle flaw (CVE-2016-2107), allowing decrypting TLS traffic in a MITM attack, remains exploitable on the most popular web and email servers.

Running behind trendy APTs we tend to forget about common-sense approach and holistic risk assessment.

Cybersquatting, typosquatting and phishing now target the largest cybersecurity brands.

Existing and new web security technologies based on actively developed RFCs propose new approaches to common web vulnerabilities remediation.

MIT project confirms that neither human nor machine has proven overwhelmingly successful at maintaining cybersecurity on their own.

Cybersecurity is not something you can just buy, but something you should thoroughly build.