The web is everywhere and it’s not an exaggeration. More and more application manufacturers move from dedicated desktop interfaces to web interfaces. You are probably using a web-based email system. Chances are that you are creating your documents using a web platform. If you develop…
HTTP Parameter Pollution: a Newer Class of Injection Attack
Nowadays, many components from web applications are commonly run on the user’s computer (such as JavaScript), and not just on the application’s provider server (such as Servlets). As time goes by, there is the need for web applications to provide a multitude of services to…
Web Application Firewalls do not replace secure development and operation of web applications
In eval($WAF); whitepaper, L. Nothdurfter, W.Neudorfer and M. Kirchner from the University of Applied Sciences Upper Austria, explain in detail how they evaluated the capabilities of some leading WAF’s (web application firewall), and concluded that although a WAF can raise the security level, secure development…
Acunetix Publishes PCI Compliance Guide
The paper aims to help companies meet impending PCI requirements London, UK – May 30, 2007 – Businesses that rely on payment by credit cards are required to comply with the PCI security standards by September 2007. Non compliance could result in loss of merchant…