Web security tools and best practices

Get news and expert advice on Web security tools and threats. Find out about current threats against Web applications, web security tools, SSL and TLS encryption, Web services, SOA, web access control, web server security, URL filtering, content filtering and browser security.

New & Notable

Download this free guide

Free Guide: Root Causes of the Cybersecurity Skills Shortage

Our editorial director sat down with David Shearer, CEO of (ISC)², for a Q&A where they discussed what is (and isn’t) contributing to the cybersecurity skills shortage in the United States and how to fix the problem.

Corporate E-mail Address:
You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login.
You have exceeded the maximum character limit.
Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Web security tools and best practices News

April 19, 2019 19 Apr'19
DNS hijacking campaign targets national security organizations

A DNS hijacking campaign targeting national security organizations and critical infrastructure may be part of a new trend, according to the researchers behind recent attacks.
April 16, 2019 16 Apr'19
Microsoft disputes Outlook data breach report

Microsoft warned Outlook users who may have had data compromised in an attack using customer support login credentials to access account information over the course of months.
April 04, 2019 04 Apr'19
Pipdig WordPress plugin accused of DDoS attacks and backdoors

Pipdig, a blog theme and plugin company, was accused of using obfuscated code to gain backdoor access to customer blogs and launch low-scale DDoS attacks on rivals.
April 03, 2019 03 Apr'19
Proof-of-concept Magento exploit used in attacks

Experts are urging users to patch after a proof-of-concept Magento exploit was picked up by malicious actors and used in attempted attacks on e-commerce websites.

View All News

Web security tools and best practices Get Started

Bring yourself up to speed with our introductory content

Transport Layer Security (TLS)

Transport Layer Security (TLS) is a protocol that provides authentication, privacy, and data integrity between two communicating computer applications. Continue Reading
information security (infosec)

Information security (infosec) is a set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and non-digital information. Continue Reading
Web application firewall (WAF)

A Web application firewall (WAF) is a firewall that monitors, filters or blocks traffic to and from a Web application. WAFs are especially useful to companies that provide products or services over the Internet. Continue Reading

View All Get Started

Evaluate Web security tools and best practices Vendors & Products

Weigh the pros and cons of technologies, products and projects you are considering.

Assess secure web gateways to suit your network security needs

Secure web gateways play an important role in minimizing security risks associated with website vulnerabilities, user behaviors and endpoint weaknesses. Continue Reading
Symantec Web Security Service vs. Zscaler Internet Access

Learn how cloud-based secure web gateway products Symantec Web Security Service and Zscaler Internet Access compare when it comes to features, benefits, pricing and support. Continue Reading
6 questions to ask before evaluating secure web gateways

Learn which six questions can help an organization identify its web security and business needs and its readiness to implement a secure web gateway. Continue Reading

View All Evaluate

Manage Web security tools and best practices

Learn to apply best practices and optimize your operations.

How do I avoid Exchange security certificate issues?

Exchange SSL certificates keep communications secure, so it's important avoid the bargain bin when shopping for them. Continue Reading
Key steps to put your zero-trust security plan into action

There are three key categories of vendor zero-trust products. Learn what they are, and how to evaluate and implement the one that's best for your company. Continue Reading
How can credential stuffing attacks be detected?

Credential stuffing attacks can put companies that offer online membership programs, as well as their customers, at risk. Find out how to proactively manage the threat. Continue Reading

View All Manage

Problem Solve Web security tools and best practices Issues

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

5 common web application vulnerabilities and how to avoid them

Common web application vulnerabilities continue to confound enterprises. Here's how to defend against them and stop enabling exploits. Continue Reading
How does cross-site tracking increase security risks?

Mozilla's Firefox 63 automatically blocks tracking cookies and other site data from cross-site tracking. Learn what this is and what the benefits of blocking it are with Nick Lewis. Continue Reading
How was Kea DHCP v1.4.0 affected by a security advisory?

Kea, an open source DHCP server, was issued a medium security advisory for a flaw that causes memory leakage in version 1.4.0. Discover the workarounds with Judith Myerson. Continue Reading

View All Problem Solve