Web security tools and best practices

Get news and expert advice on Web security tools and threats. Find out about current threats against Web applications, web security tools, SSL and TLS encryption, Web services, SOA, web access control, web server security, URL filtering, content filtering and browser security.

New & Notable

Download this free guide

Instant Download: Free Guide to Password Security

Including insights from security pros Michael Cobb, Jeremy Bergsman and Nick Lewis, gain expert advice on how to improve your password policies to keep your enterprise safe. Explore machine learning-powered techniques, how to approach mobile password management, and more.

Corporate E-mail Address:
You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login.
You have exceeded the maximum character limit.
Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Web security tools and best practices News

December 11, 2018 11 Dec'18
Second Google+ data exposure leads to earlier service shutdown

Another Google Plus data exposure -- this time potentially affecting more than 52 million users -- will cause the service to be shut down four months earlier than scheduled.
November 27, 2018 27 Nov'18
USPS website flaw exposed data for one year

The U.S. Postal Service inadvertently exposed the data of 60 million users and has only just fixed the underlying website flaw, despite being notified of the issue one year ago.
November 16, 2018 16 Nov'18
Firefox Monitor offers breach alerts on visited websites

The promised integration with Have I Been Pwned is expanding in Firefox Monitor with new breach alerts when a user visits a recently compromised website.
November 16, 2018 16 Nov'18
Google BGP route leak was accidental, not hijacking

Despite early speculation, experts concluded the BGP route leak that sent Google traffic through China and Russia was due to an accidental misconfiguration and not malicious activity.

View All News

Web security tools and best practices Get Started

Bring yourself up to speed with our introductory content

5 actionable deception-tech steps to take to fight hackers

Consider taking these five 'deceptive' steps to make your detection and response capabilities speedier, more effective and to improve your company's security posture. Continue Reading
pen test (penetration testing)

Penetration testing, also called pen testing or ethical hacking, is the practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit. Continue Reading
digital signature

A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software or digital document. Continue Reading

View All Get Started

Evaluate Web security tools and best practices Vendors & Products

Weigh the pros and cons of technologies, products and projects you are considering.

Web browser quiz: Do you know Chrome, Firefox, Edge and IE?

Users work with web browsers constantly. As a result, it's important for IT to know how to manage the top options, including Google Chrome and Mozilla Firefox. Continue Reading
Can deception security tactics turn the tables on attackers?

Is the latest news on an onslaught of advanced threats causing you to despair? Maybe it's time to consider taking a 'deceptive' approach to IT security. Continue Reading
How does TLS 1.3 differ from TLS 1.2?

Compared to TLS 1.2, TLS 1.3 saw improvements in security, performance and privacy. Learn how TLS 1.3 eliminated vulnerabilities using cryptographic algorithms. Continue Reading

View All Evaluate

Manage Web security tools and best practices

Learn to apply best practices and optimize your operations.

How did WhatsApp vulnerabilities get around encryption?

WhatsApp vulnerabilities can enable hackers to bypass end-to-end encryption and spoof messages. Expert Michael Cobb explains how these attacks work and how to prevent them. Continue Reading
How to configure browsers to avoid web cache poisoning

Web cache poisoning poses a serious threat to web browser security. Learn how hackers can exploit unkeyed inputs for malicious use with expert Michael Cobb. Continue Reading
How can a 13-year-old configuration flaw affect SAP systems?

Cybersecurity vendor Onapsis found a 13-year-old flaw that affects nine out of 10 SAP NetWeaver systems. Learn how the flaw affects SAP systems with expert Judith Myerson. Continue Reading

View All Manage

Problem Solve Web security tools and best practices Issues

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

How was Kea DHCP v1.4.0 affected by a security advisory?

Kea, an open source DHCP server, was issued a medium security advisory for a flaw that causes memory leakage in version 1.4.0. Discover the workarounds with Judith Myerson. Continue Reading
Why communication is critical for web security management

Conveying the importance of web security to management can be difficult for many security professionals. Kevin Beaver explains how to best communicate with the enterprise. Continue Reading
How does a WDC vulnerability put hardcoded passwords at risk?

Several vulnerabilities were found in Western Digital's My Cloud, including one that affects the default hardcoded password. Learn how to avoid such risks with expert Nick Lewis. Continue Reading

View All Problem Solve