Surviving the Week 2/1/13 – Ruby on Rails – JSON Parser Vulnerability
Ruby on Rails – JSON Parser Vulnerability: The JSON parser which converts JSON into YAML and in turn hands over to the YAML parser is buggy. The fix delivered replaces the YAML backend (yaml.rb) which...
New Report: SQL Injection vulns are hidden in web services (learn how to find...
In this new report, “The Widening Web Application Security Scanner Coverage Gap in RIA, Mobile and Web Services: Is Your Scanner like the Emperor’s New Clothes?”, Dan Kuykendall and Matthew Cohen of NT...
Webcast: SQL Injection Vulnerabilities Hidden in New Places
Why are your applications still suffering from SQL Injection Vulnerabilities? Even though we know so much about SQL Injection, we have a perfect storm brewing for serious security problems in many...
How to Overcome the Shortfalls of Web Application Security Scanners when...
You’ve built a custom rich internet application that is sure to become your business’ next major revenue stream. Conscious of security, you’ve ensured that the native application authenticates to the...
Mobile application security testing – fast and easy!
Mobile application security testing: Four words that, for many security professionals, elicit a nagging feeling that comes from knowing the challenge is imminent if not already present, yet very...
Mobile Application Security 101
Mobile Applications – Still Insecure: Businesses are racing to meet the demands for mobile applications, yet mobile application security is an afterthought, just as web application security was when web...
Application Security Scanning Today – Big Organizations, Big Challenges
IT security teams in global enterprises face significant challenges in application security scanning that create the need for application scanners to deliver a scalable solution that is capable of...
Hackazon, new open source vulnerable web application – Sneak Peek at AppSecUSA
I hope you’ll join me next week at AppSec USA 2014 in Denver as we unveil a new open source vulnerable web application, called Hackazon, in an interactive group discussion, on Friday September 19th from...
Dynamic Application Security Testing (DAST) is Anything but Static
5 Things A Modern Scanner Must Have: Dynamic Application Security Testing (DAST) solutions have been around for over a decade, so you might think the market is static. But, that’s hardly the case. Web...
NTOSpider 6.4 Now Available!
We are excited to announce a host of enhancements to NTOSpider that will further assist you in testing more of your applications in less time. Our mission is and has always been to create the most...
SSL Poodle Check Added to NTOSpider
This week’s “big hack” everyone is yapping about is the POODLE flaw in Secure Socket Layer (SSL 3.0). The hack is a bad one, when the attacker can get man-in-the-middle to set it up, but the need for...
Announcing Hackazon! The first vulnerable web test application to enable...
We are excited to announce the release of the first vulnerable web application built with web 2.0 and mobile client technologies. Hackazon is a “fake app” test site which replicates an on-line...
AppSec Cali: Hackazon – Stop Hacking Like It’s 1999!
I’m looking forward to reconnecting with everyone next week at AppSec California. I hope you’ll join me for my talk, Hackazon – Stop Hacking Like It’s 1999! In this talk, I’ll give a detailed overview...
C’mon back to Cali! OWASP AppSec California This Week!
I’m looking forward to seeing everyone next week at OWASP AppSec California in Santa Monica and hearing some of the great talks planned, but I’m mostly interested to see if Zach Lanier wears the same...