Web security tools and best practices

Get news and expert advice on Web security tools and threats. Find out about current threats against Web applications, web security tools, SSL and TLS encryption, Web services, SOA, web access control, web server security, URL filtering, content filtering and browser security.

December 08, 2020 08 Dec'20
Salesforce advised users to skip Chrome browser updates

Salesforce recommended users dealing with mixed content issues to skip Chrome upgrades or roll back to older versions of the browser, but the vendor later removed those steps.
August 12, 2020 12 Aug'20
Kaspersky reveals 2 Windows zero-days from failed attack

Kaspersky prevented an attack against a South Korean company back in May that used two zero-day vulnerabilities. One, arguably the more dangerous, focused on Internet Explorer.
July 27, 2020 27 Jul'20
Digital ad networks tied to malvertising threats -- again

Adsterra and Propeller Ads were implicated in past malvertising threats such the Master134 campaign. Now the two ad networks are linked to new malicious activity.
March 24, 2020 24 Mar'20
RSA Conference 2020 guide: Highlighting security's human element

What's happening at the 2020 RSA Conference? Our team keeps you up to date with pre-conference coverage and breaking news from the infosec world's biggest event.

Bring yourself up to speed with our introductory content

What are the types of APIs and their differences?

Enterprises increasingly rely on APIs to interact with customers and partners. It all starts by knowing which type of API is right for your needs. Continue Reading
digital signature

A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software or digital document. Continue Reading
10 API security guidelines and best practices

As with any software development cycle, API security must be built in from the start. Follow these guidelines to design, deploy and protect your APIs. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

5 cyber threat intelligence feeds to evaluate

Cyber threat intelligence feeds help organizations up their security game. While the 'best' feeds vary depending on a company's needs, here are five leading services to consider. Continue Reading
The ultimate guide to cybersecurity planning for businesses

This in-depth cybersecurity planning guide provides information and advice to help organizations develop a successful strategy to protect their IT systems from attacks. Continue Reading
Weighing remote browser isolation benefits and drawbacks

Remote browser isolation benefits end-user experience and an organization's network security. Compare the pros, cons and cost challenges before investing in the zero-trust approach. Continue Reading

Learn to apply best practices and optimize your operations.

SSL certificate best practices for 2020 and beyond

SSL/TLS security is continuously improving, and there are steps site owners should take to ensure the safety of their SSL certificates, websites and users. Read on to learn more. Continue Reading
Employ AI for cybersecurity, reap strong defenses faster

The cyber arms race is never-ending. Learn how to prevail over advanced attacks by putting the latest intelligent technology to service in your cybersecurity program. Continue Reading
Best practices for threat modeling service mesh, microservices

In microservices and service mesh environments, communications don't follow static paths. As such, security teams must update their application threat modeling methods. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

What is bloatware? How to identify and remove it

Unwanted pre-installed software -- also known as bloatware -- has long posed security threats for computers and other devices. Here are strategies for how to detect bloatware and uninstall the potential threat. Continue Reading
10 RDP security best practices to prevent cyberattacks

Securing remote connections is critical, especially in a pandemic. Enact these RDP security best practices at your organization to prevent ransomware, brute-force attacks and more. Continue Reading
How to mitigate an HTTP request smuggling vulnerability

Exploiting an HTTP request smuggling vulnerability can result in the inadvertent execution of unauthorized HTTP requests. Learn how to defend web environments from this attack. Continue Reading