New & Notable
Application attacks (buffer overflows, cross-site scripting) News
April 22, 2019
BeStorm X, a black-box fuzzer by Beyond Security and Ubiquitous AI, tests IoT devices to identify security weaknesses and vulnerabilities before they're exploited.
March 19, 2019
A critical WinRAR bug that was exposed after 19 years is already being exploited in targeted attacks in the Middle East and United States, despite the availability of a patch.
February 25, 2019
A WinRAR bug that affects every version of the app over the past 19 years was discovered and patched. But it's unclear if the millions of the app's users will get the needed fix.
October 22, 2018
A zero-day in jQuery File Upload could affect thousands of projects because the jQuery plugin vulnerability has existed for eight years and has been actively exploited for at least three years.
Application attacks (buffer overflows, cross-site scripting) Get Started
Bring yourself up to speed with our introductory content
In computing, a payload is the carrying capacity of a packet or other transmission data unit. The term has its roots in the military and is often associated with the capacity of executable malicious code to do damage. Technically, the payload of a ...
Cache poisoning is an attack vector that exploits the way domain name system (DNS) clients and web servers improve performance by saving old responses for a specified period of time in a temporary storage area called cache.
IP spoofing is the crafting of Internet Protocol (IP) packets with a source IP address that has been modified to impersonate another computer system, or to hide the identity of the sender, or both.
Evaluate Application attacks (buffer overflows, cross-site scripting) Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Developers often pay lip service to being integral to application security, but they usually don't consider vulnerabilities until much too late in the dev process.
Web application firewalls are more essential than ever when it comes to halting app attacks. Learn what features and functions you should look for when choosing a new WAF.
A runtime application self-protection tool only sounds complicated. Buying and using a RASP tool, though, may prove a surprisingly simple way to amp up your application security.
Manage Application attacks (buffer overflows, cross-site scripting)
Learn to apply best practices and optimize your operations.
This five-step approach to web application security testing with documented results will help keep your organization's applications free of flaws.
To mitigate software-related security risks, fine-tune your application security program to get the right people involved, document your standards and manage your weak points.
Deciding which web applications to focus application security testing on is a challenging task. Read this list of considerations to ensure you're addressing the right areas.
Problem Solve Application attacks (buffer overflows, cross-site scripting) Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Common web application vulnerabilities continue to confound enterprises. Here's how to defend against them and stop enabling exploits.
Eliminating application security flaws from an enterprise's server can be a complex task. Learn steps to take in order to improve application security with expert Kevin Beaver.
NIST's 'Vetting the Security of Mobile Applications' draft discusses four key areas of general requirements. Learn how further improvements to the vetting process could be made.