Netsparker is now Invicti
Web Security Blog

Server-Side Template Injection Introduction & Example

Thu, 12 Jul 2018

This article introduces Server Side Templates and explains why and how they can be susceptible to Server-Side Template Injection vulnerabilities. It includes examples of HTML, PHP and CSS code and concludes with a list of recommendations on how to protect your web applications from attacks that exploit SSTI vulnerabilities.

Infographic: Statistics About the Security State of 104 Open Source Web Applications

Thu, 17 Aug 2017

In this infographic, we highlight the most common vulnerabilities that are found in open source web applications. Even though this is just a small sample of the web applications that are used on live websites on the internet, these statistics give us a good overview of the real-life situation and of how many websites are vulnerable to malicious hacker attacks.

How you can disable directory listing on your web server—and why you should

Wed, 01 May 2024

Web Application Security and the SDLC Discussed on the Virtualization and Cloud Security Podcast

Mon, 22 May 2017

Ferruh Mavituna, Netsparker’s CEO, talks about web application security automation and scalability with Edward Haletky in episode 17 of the Virtualization and Cloud Security Podcast.

Security Weekly Talks About Web Application Security & Automation with Netsparker CEO

Mon, 22 May 2017

In this episode of Security Weekly, Netsparker CEO Ferruh Mavituna talks about automating and scaling up the process of web application security scanning.

Infographic: Statistics About the Security Scans of 396 Open Source Web Applications

Thu, 25 Feb 2016

In this infographic, we highlight the most common vulnerabilities that are found in open source web applications. Even though this is just a small sample of the web applications that are used on live websites on the internet, these statistics give us a good overview of the real-life situation and of how many websites are vulnerable to malicious hacker attacks.

The Importance of Finding All Vulnerabilities on Your Web Applications

Mon, 22 May 2017

Although compliance is mandatory, a secure web application is more important. This article explains why website owners should focus on finding and fixing all possible vulnerabilities on their web applications, even if it means doing much more than PCI DSS compliance requires.

Security Weekly and Ferruh Mavituna Talk Automation and Scaling Up Web Application Security

Mon, 22 May 2017

During episode #442 of Security Weekly, Ferruh Mavituna, Paul Asadoorian, Jeffrey Man and several other web security professionals talk about the challenges of automating web application security and how companies can scale up automated web application security scanning and scan 100s and 1000s of web applications with the least possible resources.

Understanding the Differences Between Technical and Logical Web Application Vulnerabilities

Mon, 22 May 2017

Web application vulnerabilities can be split into two categories: logical and technical vulnerabilities. This post explains the main differences between these two vulnerability categories.

Automatic Configuration of URL Rewrite Rules in Netsparker Web Application Security Scanners

Tue, 23 May 2017

URL rewrite rules are typically difficult to configure and unless configured properly, the target web application is not scanned properly and not all vulnerabilities are detected. With Netsparker web application security scanners you do not need to manually configure URL rewrite rules since the process is all automated.

How Does Netsparker Compare with other Automated Web Application Security Scanners?

Thu, 13 Aug 2015

A few weeks back Shay Chen took the Netsparker scanners for a spin and updated the web application security scanners benchmark report. We’ve done very well by identifying all direct impact vulnerabilities and did not report a single false positive, as promised.

Using Invicti To Comply With The OWASP Application Security Verification Standard When Developing Web Applications

Mon, 22 May 2017

The OWASP Application Security Verification Standard is a set of standards developed by OWASP to help developers write more secure code and web applications. This article explains how an automated web application security scanner such as Netsparker can help you comply with OWASP ASVS and develop more secure web applications.
