web-application-security Archives | Page 17 of 20

Security Weekly Interviews Ferruh Mavituna about Web Application Security

Mon, 22 May 2017

In this interview with Security Weekly, Ferruh talks about web application security and explains how he got started, why Netsparker Enterprise is the ideal tool for large organizations who would like to ensure the security of all their web applications, explains how the false positive free vulnerability scanning technology works and much more.

Netsparker Web Scanner Automatically Identifies DOM XSS Vulnerability in WordPress Default Theme

Thu, 07 May 2015

Netsparker Web Application Security Scanner was used to automatically identify a DOM based cross-site scripting vulnerability in Twenty Fifteen, a default WordPress theme since WordPress 4.1. Read how this vulnerability affects millions of WordPress websites and how you can fix it.

Netsparker Enterprise or Netsparker Desktop?

Tue, 23 May 2017

Should you use the desktop edition of Netsparker or go for Netsparker Enterprise, the new online web application security scanner? This article talks about the scope of both products and explains in detail what they are to help you better understand both products and choose the best solution.

What Can You Learn from 87 Advisories About Web Application Vulnerabilities?

Mon, 22 May 2017

This article looks into the details of all the 87 advisories Netsparker published about SQL Injection, XSS and other vulnerabilities Netsparker Web Application Security Scanner identified in several open source web applications. It uses statistics to highlight the state of security of both open source and non open source web applications.

Passwords vs. Pass Phrases – Innovation and Evolution

Mon, 22 May 2017

This third and last password paper looks into new innovations and evolution of passwords and authentication mechanisms. It looks into what other options there are available should we opt for something more secure than passwords and pass phrases.

POODLE SSL Vulnerability – The End of Life for SSL 3.0

Wed, 15 Oct 2014

The newly discovered POODLE SSL vulnerability enables attackers to capture and read traffic encrypted using the SSL 3.0 protocol, which even though is fifteen years old the protocol is still widely supported for backward compatibility. Scan your web servers with Netsparker to check if they are vulnerable to the POODLE SSL vulnerability.

An automated scanner that finds all OWASP Top 10 security flaws? Really?

Fri, 02 Aug 2019

Ruby on Rails Security Basics

Wed, 06 Aug 2014

How Fast is Your Web vulnerability Scanner?

Mon, 22 May 2017

There are many different factors that can affect the duration of a complete web application security test. Learn what such factors are and learn how to evaluate your security tools to ensure your business gets the best return on investment when doing web application security tests.

URL Rewrite Rules and Web Vulnerability Scanners

Tue, 23 May 2017

URL Rewrite Rules have become extremely popular in web applications but many web vulnerability scanners fall short of automatically scan such websites. Read this article to learn more on why typical web vulnerability scanners are unable to scan websites which use URL rewrite rules and what Netsparker did to allow users to easily and automatically scan websites with URL rewrite technology enabled.

What is DOM-based XSS (cross-site scripting)?

Thu, 09 May 2019

Passwords vs. Pass Phrases – Weaknesses Beyond the Password

Mon, 22 May 2017

Using strong passwords is not enough, the whole system should be built well to ensure that the underlying technology can survive a data breach, when, and not if it happens. In fact a modernized approach to password ideology is only one of the several necessary steps for a highly-secured system