Web security tools and best practices

Get news and expert advice on Web security tools and threats. Find out about current threats against Web applications, web security tools, SSL and TLS encryption, Web services, SOA, web access control, web server security, URL filtering, content filtering and browser security.

August 12, 2020 12 Aug'20
Kaspersky reveals 2 Windows zero-days from failed attack

Kaspersky prevented an attack against a South Korean company back in May that used two zero-day vulnerabilities. One, arguably the more dangerous, focused on Internet Explorer.
July 27, 2020 27 Jul'20
Digital ad networks tied to malvertising threats -- again

Adsterra and Propeller Ads were implicated in past malvertising threats such the Master134 campaign. Now the two ad networks are linked to new malicious activity.
March 24, 2020 24 Mar'20
RSA Conference 2020 guide: Highlighting security's human element

What's happening at the 2020 RSA Conference? Our team keeps you up to date with pre-conference coverage and breaking news from the infosec world's biggest event.
January 13, 2020 13 Jan'20
Signal Sciences: Enterprises still overlooking web app security

Signal Sciences co-founder and CEO Andrew Peterson explains why web application security often gets shortchanged and what his next-gen WAF company is doing to change that.

Bring yourself up to speed with our introductory content

What are the top secure data transmission methods?

Safe information transfer is a must for modern organizations, but not all secure data transmission methods are equal. Explore your secure data transfer options in this tip. Continue Reading
Everything you need to know about software penetration testing

With pen testing, you uncover software's vulnerabilities before hackers do. Use this overview of the practice to learn about tooling options, test types, use cases and common flaws. Continue Reading
AI-powered cyberattacks force change to network security

Companies now face sophisticated enemies using AI and machine learning tools for their attacks. It's a world of new dangers for those defending network systems and data. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Weighing remote browser isolation benefits and drawbacks

Remote browser isolation benefits end-user experience and an organization's network security. Compare the pros, cons and cost challenges before investing in the zero-trust approach. Continue Reading
Bot management drives ethical data use, curbs image scraping

Bot management tools can help enterprises combat bad bots, prevent web and image scraping, and ensure ethical data use -- all while maintaining a positive end-user experience. Continue Reading
Who wins the security vs. privacy debate in the age of AI?

When trying to maintain balance between security and privacy in an AI-enabled world, who decides which side should tip and when? So continues the security vs. privacy debate. Continue Reading

Learn to apply best practices and optimize your operations.

SSL certificate best practices for 2020 and beyond

SSL/TLS security is continuously improving, and there are steps site owners should take to ensure the safety of their SSL certificates, websites and users. Read on to learn more. Continue Reading
Employ AI for cybersecurity, reap strong defenses faster

The cyber arms race is never-ending. Learn how to prevail over advanced attacks by putting the latest intelligent technology to service in your cybersecurity program. Continue Reading
Best practices for threat modeling service mesh, microservices

In microservices and service mesh environments, communications don't follow static paths. As such, security teams must update their application threat modeling methods. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

10 RDP security best practices to prevent cyberattacks

Securing remote connections is critical, especially in a pandemic. Enact these RDP security best practices at your organization to prevent ransomware, brute-force attacks and more. Continue Reading
How to mitigate an HTTP request smuggling vulnerability

Exploiting an HTTP request smuggling vulnerability can result in the inadvertent execution of unauthorized HTTP requests. Learn how to defend web environments from this attack. Continue Reading
How to prevent buffer overflow attacks

Read up on types of buffer overflow attacks, and learn secure coding best practices that prevent such vulnerabilities, as well as post-deployment steps to keep apps and websites safe. Continue Reading