Web security tools and best practices

Get news and expert advice on Web security tools and threats. Find out about current threats against Web applications, web security tools, SSL and TLS encryption, Web services, SOA, web access control, web server security, URL filtering, content filtering and browser security.

New & Notable

Download this free guide

Instant Download: Free Guide to Password Security

Including insights from security pros Michael Cobb, Jeremy Bergsman and Nick Lewis, gain expert advice on how to improve your password policies to keep your enterprise safe. Explore machine learning-powered techniques, how to approach mobile password management, and more.

Corporate E-mail Address:
You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login.
You have exceeded the maximum character limit.
Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Web security tools and best practices News

February 13, 2019 13 Feb'19
Dunkin' security alert warns of new credential-stuffing attacks

Dunkin' sent a security alert to customers warning of potentially malicious access of accounts due to the second credential stuffing attack in less than three months.
February 01, 2019 01 Feb'19
Google planning warnings for lookalike URLs in Chrome

Google is planning to add warnings on lookalike URLs in an ongoing effort to ensure internet users experience useful and clear warnings while using the Chrome browser.
January 29, 2019 29 Jan'19
Dailymotion credential stuffing attacks lasted more than 6 days

Video-sharing website Dailymotion reset passwords for an unknown number of users following 'large-scale' credential stuffing attacks that lasted for more than six days before being stopped.
January 25, 2019 25 Jan'19
DNS hijack attacks lead to government directive from DHS

Following a string of DNS hijack attacks around the globe, the Department of Homeland Security has directed federal agencies to harden defenses against DNS tampering.

View All News

Web security tools and best practices Get Started

Bring yourself up to speed with our introductory content

An architect's guide to microservices security

Whether you're new to distributed architecture or well underway with deployment, this guide on microservices security covers the basics through advanced tooling and strategies. Continue Reading
PKI (public key infrastructure)

A public key infrastructure (PKI) supports the distribution and identification of public encryption keys, enabling users and computers to both securely exchange data over networks such as the Internet and verify the identity of the other party. Continue Reading
SSL (Secure Sockets Layer)

Secure Sockets Layer (SSL) is a networking protocol designed for securing connections between web clients and web servers over an insecure network, such as the internet. Continue Reading

View All Get Started

Evaluate Web security tools and best practices Vendors & Products

Weigh the pros and cons of technologies, products and projects you are considering.

Infoblox's Cricket Liu explains DNS over HTTPS security issues

Cricket Liu, chief DNS architect at Infoblox, explains how DNS over HTTPS and DNS over TLS improve security, as well as challenges the new protocols may soon raise for enterprises. Continue Reading
Web browser quiz: Do you know Chrome, Firefox, Edge and IE?

Users work with web browsers constantly. As a result, it's important for IT to know how to manage the top options, including Google Chrome and Mozilla Firefox. Continue Reading
Can deception security tactics turn the tables on attackers?

Is the latest news on an onslaught of advanced threats causing you to despair? Maybe it's time to consider taking a 'deceptive' approach to IT security. Continue Reading

View All Evaluate

Manage Web security tools and best practices

Learn to apply best practices and optimize your operations.

How can credential stuffing attacks be detected?

Credential stuffing attacks can put companies that offer online membership programs, as well as their customers, at risk. Find out how to proactively manage the threat. Continue Reading
How did Browser Reaper cause browsers to crash?

A Mozilla vulnerability duplicated in the Browser Reaper set of DoS proofs of concept caused Chrome, Firefox and Safari to crash. Learn why and how this occurred. Continue Reading
5-step checklist for web application security testing

This five-step approach to web application security testing with documented results will help keep your organization's applications free of flaws. Continue Reading

View All Manage

Problem Solve Web security tools and best practices Issues

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

How does cross-site tracking increase security risks?

Mozilla's Firefox 63 automatically blocks tracking cookies and other site data from cross-site tracking. Learn what this is and what the benefits of blocking it are with Nick Lewis. Continue Reading
How was Kea DHCP v1.4.0 affected by a security advisory?

Kea, an open source DHCP server, was issued a medium security advisory for a flaw that causes memory leakage in version 1.4.0. Discover the workarounds with Judith Myerson. Continue Reading
Why communication is critical for web security management

Conveying the importance of web security to management can be difficult for many security professionals. Kevin Beaver explains how to best communicate with the enterprise. Continue Reading

View All Problem Solve