ImmuniWeb Security Blog

DevOps is a growing and useful paradigm in web application development, but it fails to address the security issues plaguing today’s marketplace. The principles of DevOps, ...

APIs and Web Services are widely used by modern mobile applications. Often underprotected, they are a common source of critical flaws and data breaches.

How attackers are getting into millions of WordPress websites and how to prevent this?

Equifax breach, WannaCry and NotPetya epidemics exploited flaws in shadow, legacy and abandoned applications. By definition, these applications cannot be patched, and thus pose a ...

Over 30% of the world's websites are currently built with the WordPress. From complex e-commerce sites to small personal blogs – all are targets for hackers.

This is our deep dive into aspects of OWASP’s #3 top ten web application risks: sensitive data exposure. We’ve looked at cloud database access misconfigurations; at preventing ...

Spencer Young, Regional Vice-President EMEA at Imperva, explores challenges and opportunities on the emerging application security market.

Sensitive Data Exposure is #3 in OWASP's top ten web application security risks. We've already examined database exposure through lack of access controls – which still usually ...

Amazon Web Service (AWS), launched in 2006, is now the leading cloud service platform by market share. Its Simple Storage Service (S3) is particularly popular – but ...

Insufficient Logging and Monitoring differs somewhat from the previous 9 risks. While it cannot lead to a direct intrusion, this risk is that you fail to detect the intrusion in a ...

If you know about a vulnerability, you can be certain that adversaries also know about it – and are working to exploit it. It sounds like a no-brainer; but using components with ...

How to detect, prevent and combat malicious cybersquatting, typosquatting and trademark infringement.