Ensuring application security and resilience is largely a technical endeavor. From source code development to vulnerability and penetration testing and all the variables in between, there are a lot of moving parts on the technical side. It’s important, however, to remember the soft side of…
Bouncing back: how your agency can handle disruption and embrace resilience
Invicti, the company behind Acunetix and Netsparker, has been securing public sector web applications for years, working with prominent agencies such as NIH, DOT, and the United States Armed Forces. As part of GovLoop’s Cyber Resiliency Guide, Bouncing Back: How Your Agency Can Handle Disruption and…
What is SCA and why you need it
The security of your business depends not just on your code but on the entire supply chain, which includes third-party components. The more third-party components you use, the more likely it is that a vulnerability in your web application will be a result of third-party…
Do you want your security to be built on excuses?
Opinion: Do you leave your car keys in the ignition just because it’s easier than securing your vehicle? If not, why do you come up with similar excuses when making decisions about the security of your sensitive data and your business reputation? In the cybersecurity…
The effect of President Biden’s security order on web application vendors
Do you want to sell your web applications to US government agencies? We have bad news and good news. The bad news is: President Biden just made it more difficult for you. The good news is: Acunetix® can make it much easier. The SolarWinds breach…
Why most application security measures fail and what must be done about it
In business, you’re only as good as the things that you have control over. And the only things that you can have control over are the things that you proactively measure and manage. If application security is an important part of your overall security program…
How to avoid web supply chain attacks
In early 2021, attackers infiltrated SolarWinds software used by thousands of major businesses and organizations worldwide. This allowed malicious parties to access data owned by not just SolarWinds but everyone who used the SolarWinds solution. Such attacks are called supply chain attacks and yes, they…
Sensitive data exposure – how breaches happen
The term sensitive data exposure means letting unauthorized parties access stored or transmitted sensitive information such as credit card numbers or passwords. Most major security breaches worldwide result in some kind of sensitive data exposure. Exploiting an attack vector such as a web vulnerability is…
Ad-hoc scanning is not enough
A web vulnerability scanner is usually perceived as an ad-hoc tool. Initially, all vulnerability scanners were such tools and current open-source web application security solutions still follow that model. However, with a major increase in the complexity and availability of web technologies, the ad-hoc model…