In light of COVID-19 precaution measures, we remind that all ImmuniWeb products can be easily configured and safely paid online without any human contact or paperwork.

Community Edition
Total Tests:
This Week:
Today:
Stay in Touch

Weekly newsletter on AI, Application Security & Cybercrime


Your data will stay confidential Private and Confidential

ImmuniWeb > Security Blog > Page 24

ImmuniWeb Security Blog

Patching Complex Web Vulnerabilities Using ModSecurity WAF
February 9, 2016 | High-Tech Bridge Security Research

In this blog post we will demonstrate complicated examples of common web application vulnerabilities, and see how they can be mitigated with ModSecurity WAF.

Bypassing Bitrix WAF via tiny regexp error
February 3, 2016 | High-Tech Bridge Security Research

Bitrix24 is one of the first and most secure cross-platform corporate software with integrated WAF and RASP. Let's see how we can bypass them.

Facebook scandal or can bug bounties replace traditional web security?
January 11, 2016 | Ilia Kolochenko for CSO

Can crowd-sourcing approach to web security testing work for your corporate applications?

A Brief History of Spear Phishing
January 6, 2016 | Daniel Brecht (via InfoSec Institute)

Learn the best practices for developing a security awareness training program that is engaging. Engaging awareness programs have been shown to change more users’ behavior and ...

How to calculate ROI and justify your cybersecurity budget
December 16, 2015 | Ilia Kolochenko for CSO

If you speak with management about money – speak their language and you will definitely get what you need.

Five reasons why hackers easily get into corporate websites
December 15, 2015 | Ilia Kolochenko for CSO

Vulnerable web application is just one of the great gifts left for hackers, as it significantly reduces their time, cost and efforts to get into corporate network. Why companies ...

Can you trust SSL encryption of your email provider?
December 1, 2015 | High-Tech Bridge Security Research

Have you ever though how secure and reliable is your SSL/TLS connection to your email servers? A brief research about encryption implementation of the most popular free email ...

Spending millions on APT defense? Don’t forget about Third Party Risk Management
November 9, 2015 | Ilia Kolochenko for CSO

Being a large company, you have a risk when hiring a third-party consultant - you condemn them to be hacked instead of you.

Can we trust our HTTPS connections to the largest global companies?
October 28, 2015 | High-Tech Bridge Security Research

How efficiently do the Global 2000 companies protect our data between their web servers and our computers or mobiles?

DDoS attacks: a perfect smoke screen for APTs and silent data breaches
October 12, 2015 | Ilia Kolochenko for CSO

Growing DDoS attacks more and more frequently try to distract incident response teams in order to hide much bigger security incidents.

How to secure the Internet of Things and who should be liable for it?
October 6, 2015 | Ilia Kolochenko for CSO

How to secure connected devices before it will be too late?

What’s new in CVSSv3 vulnerability scoring system?
September 21, 2015 | High-Tech Bridge Security Research

In June 2015 The Forum of Incident Response and Security Teams (FIRST) has announced the availability of version 3 of the Common Vulnerability Scoring System (CVSS). Let's see the ...

1920212223242526272829

This website uses cookies to provide you with a better surfing experience. To learn more, please visit our Privacy Policy. By continuing to use this website you consent to our use of cookies.

Ask a Question