Web Application Firewalls do not replace secure development and operation of web applications

In the eval($WAF); whitepaper, L. Nothdurfter, W. Neudorfer and M. Kirchner from the University of Applied Sciences Upper Austria explain in detail how they evaluated the capabilities of some leading WAFs (web application firewalls), and conclude that although a WAF can raise the security level, secure development and operation of web applications should be the top priority. […]


Why File Upload Forms are a major security threat

File upload forms can nowadays be found all over the internet: in social network web applications such as Facebook and Twitter, in blogs, forums, e-banking sites, YouTube and also in corporate support portals, where they give end users the opportunity to efficiently share files with corporate employees. Users are allowed to upload images, videos, avatars […]


Acunetix Publishes PCI Compliance Guide

The paper aims to help companies meet impending PCI requirements.

London, UK – May 30, 2007 – Businesses that rely on payment by credit cards are required to comply with the PCI security standards by September 2007. Non-compliance could result in loss of merchant account, severe fines and lawsuits. In view of these new […]


The Payment Card Industry Compliance

Securing both Merchant and Customer data.

This white paper introduces the Payment Card Industry Compliance standard, and the security threats which brought about the need to standardize the data protection of both merchants and customers. The internet is no longer just a source of information, but it is a trading universe where thousands of credit […]


Are AJAX applications vulnerable to Hack Attacks?

This paper reviews AJAX technologies with specific reference to JavaScript and Ajax security. It briefly documents the vulnerability classes that should raise security concerns among developers, website owners and their visitors. The proposed solution suggests auditing AJAX and JavaScript based applications with a web vulnerability scanner that not only parses the HTML […]


PHP and SQL Security

This white paper looks at some of the issues that should be considered every time a PHP script is written. Problems such as SQL injection, directory traversal and other technical vulnerabilities can be eliminated entirely with well-designed code and some basic security experience.
