The HTTP header injection vulnerability is a web application security term that refers to a situation in which the attacker tricks the web application into inserting extra HTTP headers into legitimate HTTP responses. HTTP header injection is a technique that can be used to facilitate malicious…
Web security basics: Is your web application safe?
In our old advertisements, you could often read that 70 percent of websites are hackable. The sad truth is, however, that every website and web application can be hacked, given enough time and resources. What makes a website or web application fall within the 70 percent…
Choosing the web application security solution that is right for you
Do you have a headache trying to choose the right web application security solution? Well, we sure hope it’s Acunetix, but it might not be! We won’t try to convince you that we are the one – that would be unprofessional because we know nothing…
US government agencies given a new deadline to secure critical software
The Office of Management and Budget (OMB) released a memorandum on August 10, 2021, in response to Executive Order (EO) 14028, Improving the Nation’s Cybersecurity. The EO recognizes the importance of software security to protect against malicious cyber attacks that threaten the American people’s security…
Is it good? Ask the developer!
We’re so used to the image of the “security guy” who takes care of all the cybersecurity needs in the company that it keeps security siloed and makes progress impossible. We have to get rid of that image and realize that in some cases, notably…
Black Hat 2021: What we don’t know may be the greatest cybersecurity threat
I always come away from the Black Hat USA cybersecurity conference having learned something new, feeling inspired, and imbued with just the right amount of angsty determination to do my part to help improve what is, in my opinion, one of the most pressing collective…
DIY security – are you doing it right?
There is no tool in the world that can fully replace a human when it comes to finding web vulnerabilities. A skilled security researcher is always able to find more than an automated scanner. There is just one problem. With a ratio of thousands of…
5 reasons why every MSSP needs a professional web application security solution
Managed security service providers (MSSP) are a fantastic alternative for small to medium-sized organizations whose primary objectives are to hire employees who are business-focused, not recruit teams of IT and security professionals who, whilst valuable to the security of the organization, are not contributors to…
Cybersecurity metrics for web applications
Small and mid-sized businesses are able to manage their information security, including web application security, in a very direct fashion. The numbers of assets, vulnerabilities, and incidents are low enough for the security manager to be able to have a clear view of IT security…