Okay, I admit, I haven’t been stressing enough to people just how critical the Slow HTTP vulnerability really is. The Slow HTTP flaw is present on practically every Apache-based system I test and can facilitate denial of service (DoS) conditions rendering even the most resilient…
The Role Of An Automated Web Vulnerability Scanner In A Holistic Web Security Audit
Easily two-thirds of the value of any given web vulnerabilities assessment comes from the use of automated web vulnerability scanners. At least that’s been my experience. I certainly don’t have the knowledge – or the time – to manually track down every single flaw on…
Why Management Still Doesn’t Get Web Security
Having worked in IT for nearly two and a half decades, I’ve certainly seen my share of blame and abuse thrown the way of IT. Whether the network is down or the application is unavailable, people immediately assume that whatever IT did broke it, even…
Top 5 Information Security Trends in 2013
It’s always tricky to write about “top trends” especially in information security given that things are always in a state of flux. Yet still I can’t help but think about several key areas that you and I must keep our eyes on as we move…
How Your Web Presence is Throwing You Out Of Compliance
Don’t you hate it when you’re chugging along, minding your own business, doing what you believe to be the right things in business then whammo, an oversight catches you off guard? Take, for instance, a compliance violation that comes up during a routine audit. The…
Free WordPress Security Plugin by Acunetix
Do you have a WordPress site? Are you concerned about your site’s security? Then make sure you download the completely free WordPress Security Plugin. Powered by Acunetix, the plugin is a free and comprehensive security tool that helps you secure your WordPress installation and suggests…
The Disconnect between IT Security Audit and Software Developers
IT security auditors, whether they’re in-house or external, are forming stronger relationships with IT and security staff. They have to in order to effectively perform their audits. It’s good for the auditor, IT staff, and the business as a whole. When everyone’s on the same…
Acunetix Web Vulnerability Scanner v9 build 20130904 introduces detection of BREACH and CRIME SSL vulnerabilities
Acunetix Web Vulnerability Scanner version 9, build 20130904 contains various new features including the detection of BREACH and CRIME SSL / TLS vulnerabilities, the detection of vulnerabilities in OpenX and vBulletin, and various other improvements. New Functionality Implemented the detection for BREACH vulnerabilities. Implemented the…
Top 10 Insider Threats and How to Protect Yourself
The Edward Snowden incident highlights the dangers that an organization could be exposed to due to insiders with ill intent. You know; the very people you’ve entrusted with the organization’s well-being and have assumed to this point that everything they do is on the up…