Download this next:

Application security testing: Protecting your application and data

Application security testing is critical in ensuring your data and applications are safe from attack. This e-book explains the basics of application security and how it differs from network security, and then delves deeper into testing for two common vulnerabilities: injection and cross-site scripting. It ends with a tip regarding performance concerns when adding security protection to code. The e-book is written for IT management, including QA and development managers, interested in ensuring their applications are kept secure.

These are also closely related to: "Cross Site Scripting"

  • Gain control over your web traffic & mitigate application attacks

    For most organizations, protecting web applications from attacks is critical to prevent compromises that could ultimately take down those applications as well as expose sensitive data to hackers.

    Web application firewalls (WAFs) sit between users across the internet and your applications, inspecting back-and-forth traffic for potential threats and indicators of compromise (IOCs).

    In this resource, learn about the Armor monitored WAF and how it gives you control over which traffic to allow or block to your web applications by defining customizable web security rules to stop OWASP Top 10 application attacks including SQL injections (SQLi), XML external entity (XXE) attacks, and cross-site scripting (XSS) attacks.

  • Taking Action to Secure Web Applications

    The number of SQL injection attacks rose by 69% over the first two quarters of 2012. Unfortunately, HTML 5, among other technologies, is headed on the same path.

    Are your web applications secure?

    This expert E-Guide from SearchSecurity.com explores the vulnerabilities of web applications and the steps you should take to keep them safe.

Find more content like what you just read:

  • Secure coding best practices for developers

    Access this whitepaper to learn some of the best steps you can take today to have more secure coding practices, and the many risks you'll be able to address.

  • What can a security shift left do for you?

    Security can become a massive roadblock at the end of a development sprint, so you need to think about shifting it left in your DevOps process. What can a security shift left accomplish for you? Learn about all of the benefits in this whitepaper, and learn how to begin moving your security process today.

  • Remote code execution and application security vulnerabilities

    Join Mark Rogan, DAST Manager from the WhiteHat Security Threat Research Center, as he discusses the top vulnerabilities and gives valuable prevention tips for enterprises to implement.

  • Web-Facing Applications: Mitigating Likely Web Application Threats

    In this expert E-Guide, learn how the increased use of business-centric Web applications has spawned alarming new information security threats. Also inside, uncover tips, tricks, and best practices for making your Web apps more secure – read on to get started.

  • Application security: Understanding its current state

    This application security statistics report provides an analysis of the state of application security, brings to the forefront evolutionary trends, and highlights best practices that result in better application security over time. The report also presents challenges and opportunities to secure the applications.

  • Web-facing applications: Security assessment tools and strategies

    Read this expert E-guide to find out how you can properly assess web application threats and the tools your organization can use for protection. Learn how to mitigate likely web application threats and how you can ensure your business is protected.

  • E-Guide: Preventing and detecting security vulnerabilities in Web applications

    The extent of fundamental security flaws in most applications often requires a re-architecture, but there are some secondary measures information security teams can take to safeguard faulty applications. This expert tip maps out the steps security professionals should take to lock down their Web applications.

  • Simple solution for speed test script generation

    Open this whitepaper to learn about an AI-driven codeless testing solution that allows teams to automate the process of writing test scripts, regardless of skill level, making test script generation faster than ever, and far easier to maintain.

  • E-Guide: Keys to Protecting Web Applications from Vulnerable Exploits

    Today’s attackers are stealing substantial amounts of confidential information every day by exploiting vulnerable Web application servers. This expert e-guide highlights the most popular Web application attack methods and offers advice on how to keep your network safe through URL filtering.

  • 5 things you need to know about a Web Application Firewall

    Web Application Firewall (WAF) is a priority item for IT professionals who are struggling to protect their customer-facing and mission-critical applications. WAFs detect and protect web applications from attacks that try to exploit vulnerabilities. In this white paper, learn 5 things you need to know before buying a WAF.

  • Web Application Firewalls: Patching, SDLC Key for Security, Compliance

    In this expert e-guide, discover how web application firewalls (WAFs), combined with a strong software development lifecycle (SDLC), are playing an essential role in web application security and compliance. See how you can achieve a strategic, defense-in-depth approach to enterprise security by reading on now.

  • How to implement a successful application security program

    Network security is everywhere and we have all been hyperaware of securing the perimeter and having our firewalls on high alert. Now, application vulnerabilities are being exploited and it's time to do something about it. In this best practices guide, learn the steps to take towards implementing a successful application security program.

  • Everything you need to know about IAST

    Interactive Application Security Testing (IAST) is a technology for automatically identifying and diagnosing software vulnerabilities in applications and APIs. IAST continuously monitors your applications for vulnerabilities from within. In this white paper, learn everything you need to know about IAST.

  • A comprehensive approach to reducing vulnerabilities

    In this white paper, discover a comprehensive approach to reducing vulnerabilities across your ecosystem.

  • e-Guide: Evolving IT security threats: Inside Web-based, social engineering attacks

    Defending IT infrastructure involves understanding attack methods that are effective today. This expert e-guide highlights several characteristics of modern computer security threats to keep in mind as you assess and improve your information security program, and provides recommendations for dealing with them.

  • Computer Weekly – 4 July 2017: Be better connected in a wireless world

    In this week's Computer Weekly, we look at the latest developments in wireless technology and how to deliver secure and reliable wireless networks. We examine Microsoft's PowerShell scripting language to understand why it's such an important tool. And we ask CIOs what it's like to cross the divide and work for IT suppliers. Read the issue now.

  • E-Guide: How to Combat the Latest Cybersecurity Threats

    It takes a great deal of time and money to fine-tune IT security in response to evolving IT security threats and attack tactics. This expert e-guide provides an in-depth overview of modern computer security threats and offers technical advice on how to deal with them.

  • How to transform network traffic into data for your security team

    Learn how this top research university was able to meet all of their network traffic analysis requirements with fast network log searches, expanded custom detection scripting capabilities, and more.

  • Smart cards: security risks

    This article in our Royal Holloway Information Security Thesis series assesses the new features introduced in the Java Card 3 Connected Edition smart card specification and their associated security risks.

  • International domain name homographs: Are you protected?

    Internationalized Domain Names (IDNs) are often abused by cybercriminals to conduct malicious activities, such as phishing or malware distribution. In this new research report, Farsight Security Global Internationalized Domain Name Homograph Report, examine the prevalence and distribution of IDN homographs across the Internet.

  • Exchange Insider E-Zine Vol. 14: Securing Mobile Devices and Exchange

    This essential e-zine reviews key BYOD concerns and considerations for Exchange admins, and offers tips for addressing the technical logistics of delivering secure email access to mobile devices. Learn how to leverage PowerShell scripts, ActiveSync data, and more.

  • DevSecOps delivers better business

    Firms need to consider the move from DevOps to DevSecOps. This e-guide focuses on the benefits of DevSecOps, paints a picture of the rise of this approach, and explains why using the right DevSecOps tools leads to more secure development. DevSecOps delivers better business, and it's time for you to find out how and why.

  • Choosing the right mobile app security testing option

    Download this solution brief to compare several offerings from a suite of mobile app security testing options that utilize a combination of dynamic and static automated scanning.

  • Learn how PowerShell is being leveraged by cyberattackers

    While intended for system administration and the automation of daily maintenance and management tasks, PowerShell has become a preferred tool for cybercriminals. In this white paper, learn more about how PowerShell is being leveraged by cyberattackers and how enSilo can protect your endpoints against this increasing threat.

  • Security for the PCI compliant environment

    This white paper examines the applicability of Trend Micro's Hybrid Cloud Security Solution, specifically Trend Micro Deep Security, to secure Payment Card Industry (PCI) data in accordance with the PCI DSS when used in physical, virtual, cloud, or container environments.

  • How improved SAST can help dev teams ensure app security

    Download this white paper to learn how a static application security testing (SAST) tool can help your teams ensure that app code is secure – from development to pre-production – through effective scanning and remediation of vulnerabilities.

  • Technical Guide on Emerging Threats

    It takes time and money to adjust IT security in response to evolving attack tactics. As defenders gradually update their security measures, attackers respond accordingly. Such arms-race dynamics lead to threats of increasing sophistication and efficiency.

  • 4 major cyberattack methods and how to defend against them

    The question is not whether you will be attacked. It's when, by what, and how badly your company's reputation or finances will be damaged. In the world of cybersecurity the wrong time to consider defense is after the attack has occurred. In this white paper, learn about different attack methods and how to protect your company.

  • SAST for microservices: Why is it so important?

    In the race to get to market, the last thing you want is to overlook the security of your microservices architecture. Don't leave your development process vulnerable. Click inside to learn about a Static Application Security Testing (SAST) offering that allows you to ensure your microservices are as safe as possible.

  • Top 5 attack vectors

    This white paper walks through the top 5 security attacks, by providing insights into tactics, techniques and procedures commonly used by threat actors. Then, find out how a managed detection and response strategy can take your security protocols to the next level and protect your organization.

  • 2019 Hacker Report: Discover key findings

    Many hackers are finding career building opportunities through bug bounties, with companies hiring from within the hacker community at a faster clip than ever before. As hacking grows in popularity, training continues to be a focus. Download this research report that details more than 300,000 individuals who represent the hacker community today.

  • How to secure source code for all your apps, not just the critical ones

    App vulnerabilities originate with the source code, and you'll want to secure more of your source code in both development and production. But it's easier said than done for security pros to review source code continuously. Uncover a new static application security testing subscription service to address this problem.

  • CW+: Analyst's take: Cyber-Ark benefits privileged account management

    Managing privileged accounts requires balancing accessibility and control while ensuring audit capabilities. Cyber-Ark enables organizations to increase administrator productivity while reducing risk.

  • Beating web application security threats

    Application security plays an important role in ensuring the accuracy and confidentiality of data, yet at times teams may fear that security can interfere with overall performance. Read this e-book for tips that discuss the value of application security and explain how to implement it to ensure the highest availability and usability.

  • Expert Guide to web 2.0 Threats: How to Prevent an Attack

    A majority of today’s organizations already leverage the benefits of Web 2.0 technologies, or at least wonder how they can take advantage of them. This expert e-guide provides an overview of what Web 2.0 really is and explains how to combat the myriad of threats that accompany this convenient technology.

  • CW ASEAN, November 2018: Blockchain is no 'magic wand' for security

    Blockchain is all the rage, although the technology is so much more than just about bitcoin and cryptocurrencies. In this issue of CW ASEAN, we examine how blockchain is being applied in cyber security, and whether the technology is really as secure as claimed by its proponents. Read the issue now.

  • eGuide: Expert Tips for Deploying Secure Messaging Technologies

    This eGuide discusses the critical importance of securing these messaging systems and looks at various methods for protecting the information that is transmitted via these technologies.

  • How to gain vulnerability visibility

    Learn how you can gain visibility into your environments (cloud, on-premises, or hybrid), and identify the remediation steps required to eliminate exposures.

  • Application security best practices

    According to the Verizon DBIR, 60% of breaches involved web app attacks. Take a look at this white paper to discover best practices for application security as well as a case study example to prove the benefits of the application security best practices.

  • Limiting malware propagation – a way forward

    This article in our Royal Holloway Information Security Thesis Series puts forward a suggestion for the creation and implementation of a hypervisor at a layer below the operating system.

  • SIEMless threat management for your organization

    As the variety and sophistication of exploits continues to grow, even large, mature Fortune 100 security teams are feeling unprotected. In this resource, explore how your organization can tackle today's evolving cybersecurity threats, expanding compliance risks, and the all-too-common resource constraints.

  • 24/7 monitoring and threat analysis

    Learn how your business can benefit from intrusion detection and log management, backed by 24/7 monitoring and threat analysis from certified security experts.

  • Developing a virtual agent for real-time customer support

    In this case study, learn how Autodesk, a global leader in 3D computer-aided design, engineering, and entertainment software, developed a virtual agent to interact with customers, contributing to a 10-point increase in customer satisfaction levels.

  • 5 key security insights every business and IT leader should know

    High-profile data breaches continue to make headlines, but the real news is the dramatic increase in the volume and intensity of cyberattacks now affecting organizations of all sizes and types. Learn how your organization can keep up with the fast-moving threat landscape with 5 key security insights.

  • Explore tips for blending DevOps and security programs

    If you want to build out your DevOps and security programs in order to improve your application security initiatives, vulnerability testing has to be baked into your day-to-day processes. In this e-guide, explore tips for blending DevOps and security in order to help your organization catch vulnerabilities and resolve them quickly.

  • How to get increased protection with a managed WAF

    When alerts and incidents coming in are at an all-time high, IT teams look for additional security options to help. In this resource, learn how to block malicious web traffic, reduce false positives, conduct threat analysis, and more.

  • Application security: More important than ever

    In this e-guide we look at why application security is more important than ever due to traditional software and cloud-based, web and mobile applications playing an increasingly important role in business.
