Enterprises are continuously battling criminals on many fronts. It’s an all-out war against enemies that are well-hidden and remain unpredictable. And the stakes are high – an effective, multi-stage attack can cripple the business or even lead to its complete downfall. Fortunately, most enterprises now…
White paper: The Future Is the Web! How to Keep It Secure?
The web is everywhere and it’s not an exaggeration. More and more application manufacturers move from dedicated desktop interfaces to web interfaces. You are probably using a web-based email system. Chances are that you are creating your documents using a web platform. If you develop…
HTTP Parameter Pollution: a Newer Class of Injection Attack
Nowadays, many components from web applications are commonly run on the user’s computer (such as JavaScript), and not just on the application’s provider server (such as Servlets). As time goes by, there is the need for web applications to provide a multitude of services to…
Web Application Firewalls do not replace secure development and operation of web applications
In eval($WAF); whitepaper, L. Nothdurfter, W.Neudorfer and M. Kirchner from the University of Applied Sciences Upper Austria, explain in detail how they evaluated the capabilities of some leading WAF’s (web application firewall), and concluded that although a WAF can raise the security level, secure development…
Acunetix Publishes PCI Compliance Guide
The paper aims to help companies meet impending PCI requirements London, UK – May 30, 2007 – Businesses that rely on payment by credit cards are required to comply with the PCI security standards by September 2007. Non compliance could result in loss of merchant…