Vandana Verma, security architect at IBM India Software Labs and web application security expert, shares her advice on tools, training, and shifting left.
An application security vulnerability is a security bug, flaw, error, fault, hole, or weakness in software architecture, design, code, or implementation that can be exploited by attackers. Let’s take a closer look at the different types of security vulnerabilities.
Web frameworks can introduce security issues into web applications. Mitigate this risk with a static analysis tool that understands the frameworks you use.
The use of Node.js is rising. But many organizations don’t know about the potential license and security risks that Node.js can pose for their applications.
How do you protect your web apps from hackers? Forget firewalls. You need an AppSec toolbelt, including software composition analysis and automated testing.
Spoiler: There isn’t a “worst web application security issue,” because every app is unique. But these issues are a good place to start your security review.
A CISO having a bad day finds out the hard way that cutting corners on software security testing might end up costing him more than he saved.
Preparing for a web application security interview? Here’s a thorough list of web AppSec interview questions for companies to ask and candidates to review.