Web security tools and best practices

Get news and expert advice on Web security tools and threats. Find out about current threats against Web applications, web security tools, SSL and TLS encryption, Web services, SOA, web access control, web server security, URL filtering, content filtering and browser security.

September 14, 2021 14 Sep'21
Google patches actively exploited Chrome zero-days

Two more vulnerabilities in Google's web browser joined a growing list of Chrome zero-days that have been actively exploited in the wild this year.
August 20, 2021 20 Aug'21
Real estate firm turns to AI vendor for API security

API security is under scrutiny as businesses digitally transform, and startup vendors are emerging with fresh approaches for secure cloud computing.
July 15, 2021 15 Jul'21
US government launches 'StopRansomware' site

In the latest initiatives to combat ransomware, the new website provides individuals and organizations with services and tools to help reduce the risk of attacks.
June 16, 2021 16 Jun'21
Zscaler: Exposed servers, open ports jeopardizing enterprises

Zscaler analyzed 1,500 networks and found administrators are leaving basic points of entry wide open for attackers as neglected servers are falling by the wayside.

Bring yourself up to speed with our introductory content

digital certificate

A digital certificate, also known as a public key certificate, is used to cryptographically link ownership of a public key with the entity that owns it. Continue Reading
browser hijacker (browser hijacking)

A browser hijacker is a malware program that modifies web browser settings without the user's permission and redirects the user to websites the user had not intended to visit. Continue Reading
certificate authority (CA)

A certificate authority (CA) is a trusted entity that issues Secure Sockets Layer (SSL) certificates. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Cloud-native security benefits and use cases

'Cloud native' has described applications and services for years, but its place in security is less clear. Get insight into cloud-native security from expert Dave Shackleford. Continue Reading
Risk-based vulnerability management tools in the cloud

As enterprises increasingly rely on cloud services, a risk-based vulnerability management approach can provide the best protection against cybersecurity threats. Continue Reading
8 blockchain security risks to weigh before adoption

Blockchain and smart contracts have their own unique vulnerabilities. But poor code testing, cryptographic keys and generic network attacks will get you, too. Continue Reading

Learn to apply best practices and optimize your operations.

5 bad practices that lead to insecure APIs in cloud computing

API security often feels complicated. However, your IT team will go a long way in securing its services if it avoids these common pitfalls in API design and implementation. Continue Reading
Building an incident response framework for your enterprise

Understanding the incident response framework standards and how to build the best framework for your organization is essential to preventing threats and mitigating cyber incidents. Continue Reading
Top 10 types of information security threats for IT teams

Common security threats range from insider threats to advanced persistent threats, and they can bring an organization to its knees unless its in-house security team is aware of them and ready to respond. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

How to prevent software piracy

Pirated software is still a major concern nowadays. Uncover how to prevent software piracy and protect your organization's intellectual property. Continue Reading
How to fix the top 5 cybersecurity vulnerabilities

Check out the top five cybersecurity vulnerabilities and find out how to prevent data loss or exposure, whether the problem is end-user gullibility, inadequate network monitoring or poor endpoint security defenses. Continue Reading
CERT vs. CSIRT vs. SOC: What's the difference?

What's in a name? Parse the true differences between a CERT, a CSIRT, a CIRT and a SOC, before you decide what's best for your organization. Continue Reading