ImmuniWeb Security Blog

Francesca Bosco, UNICRI Programme Officer, speaks about growing cybercrime, ML/AI and governmental regulation of cybersecurity.

Insecure Deserialization is #8 in the current OWASP Top Ten Most Critical Web Application Security Risks. It is difficult to exploit, but successful attacks can lead to remote ...

Cross-site scripting (XSS) is #7 in the current OWASP Top Ten Most Critical Web Application Security Risks – and the second most prevalent web application vulnerability. It is ...

Security Misconfiguration is #6 in the current OWASP Top Ten Most Critical Web Application Security Risks. Misconfiguration can include both errors in the installation of ...

Broken Access Control is #5 in the current OWASP Top Ten Most Critical Web Application Security Risks. It should be viewed in conjunction with Broken Authentication, currently the ...

XML External Entities (XXE or XML injection) is #4 in the current OWASP Top Ten Most Critical Web Application Security Risks.

Sensitive data exposure is #3 in the current OWASP top Ten Most Critical Web Application Security Risks.

HTTP Security Headers were created to protect applications from frequent and common attacks without the need to add or change the code of your applications.

User authentication – the process of ensuring only authorized users have access to controlled data and functionality – is the fundamental cornerstone of web and application ...

Toward the end of 2015, UK broadband provider TalkTalk was hacked by a 17-year old youth. The method he used was SQL injection attack (SQLi) – an attack method that is older ...

Dr. Jean-Marc Rickli, Head of Global Risks and Resilience at GCSP, explains the future of AI, related risks and opportunities.

Robin Wilton, Technical Director for Identity and Privacy at the Internet Society, provides expert opinion on the hottest cybersecurity, privacy and regulations topics.