Author Archives Tomasz Andrzej Nidecki

THE AUTHOR

Tomasz Andrzej Nidecki
Technical Content Writer

Tomasz Andrzej Nidecki (also known as tonid) is a Technical Content Writer working for Acunetix. A journalist, translator, and technical writer with 25 years of IT experience, Tomasz has been the Managing Editor of the hakin9 IT Security magazine in its early years and used to run a major technical blog dedicated to email security.

7 reasons why development teams skip security steps

Web Security Zone | January 17, 2022 by Tomasz Andrzej Nidecki

The Fall 2021 Invicti AppSec Indicator has made us aware of an incredibly high percentage of development teams that have admitted to skipping security steps. There is a 70% chance that this happens in your business, leaving your web applications exposed to malicious hacker attacks….

2021 – the year in review

Web Security Zone | December 27, 2021 by Tomasz Andrzej Nidecki

As 2021 comes to an end, it is time to sum up the year to see what it meant for Acunetix, Invicti, and the web application security industry. The rise of Invicti 2021 was the year when Acunetix became a brand of Invicti Security. The…

Critical alert – Log4Shell (CVE-2021-44228 in Log4j) – possibly the biggest impact vulnerability ever

Web Security Zone | December 13, 2021 by Tomasz Andrzej Nidecki

On December 10, 2021, a serious vulnerability was discovered in the Apache Log4j framework, which is commonly used by most Java installations. The vulnerability, dubbed Log4Shell or LogJam, was identified in the NVD as CVE-2021-44228 and, to quote one of Acunetix original creators and primary…

The false sense of security in the cloud

Web Security Zone | December 2, 2021 by Tomasz Andrzej Nidecki

Businesses like yours have different reasons to move to the cloud. Some do it primarily to save on hardware. Others go further and outsource services to reduce the need for their own resources. Those who want to outsource administration and related services often believe that…

Secure coding practices – the three key principles

Web Security Zone | November 29, 2021 by Tomasz Andrzej Nidecki

All security vulnerabilities are the result of human error. Most web application vulnerabilities and API security issues are introduced by developers. Therefore, the best approach to building secure applications is to do all that is possible to avoid introducing such errors in the first place instead of…

Code security is not enough!

Web Security Zone | November 22, 2021 by Tomasz Andrzej Nidecki

Recently, I came across an article that referred to web application security as code security and I hope it was just a slip of the tongue. If you really think web application security is the same as code security, you are leaving a gaping hole…

What is website security – how to protect your website from hacking

Web Security Zone | November 18, 2021 by Tomasz Andrzej Nidecki

You protect your every office computer with an antivirus. You install firewalls to prevent unwanted access to your network. But what do you do to secure your website? And what can happen if it’s not secured? This article is aimed at website owners that are…

You are the only one who can secure and protect your web applications

Web Security Zone | November 15, 2021 by Tomasz Andrzej Nidecki

Security-related vocabulary includes a lot of words with imprecise meanings. Two such terms that give me a headache when used in the web application security context are the verbs to secure and to protect. But this headache is nothing compared to the one I get…

What is continuous web application security?

Web Security Zone | November 1, 2021 by Tomasz Andrzej Nidecki

The term continuous security in the context of web application security is best understood when paired with well-known terms continuous integration and continuous deployment (CI/CD). Continuous security means that security is part of a continuous process – DevSecOps or, even better, SecDevOps. The confusion around…

Take action and discover your vulnerabilities