attack application security
Data Loss Prevention Starts at the Endpoint: Seeking Safety From the Data Loss Pandemic
White Paper The agent of loss might be an otherwise diligent manager with legitimate rights to the missing data, a disgruntled employee bent on revenge, or a professional thief executing a carefully orchestrated and targeted attack. [13 Nov 2009]
SQL Server Anti-Forensics: Techniques and Countermeasures
White Paper This paper attempts to get ahead of the curve by discussing the techniques security professionals can use to perform forensics analysis after a database attack. It focus specifically on Microsoft SQL... [13 Nov 2009]
Addressing the Insider Threat: Improving Database Security to Manage Risk Within the Federal Government
White Paper In the face of the growing threat of attack, agencies must make securing critical data from theft, misuse, and abuse a priority. In 2006, OIG reports highlighted database security deficiencies at several... [13 Nov 2009]
Application Whitelisting: A New Security Paradigm
White Paper It shouldn't matter that the web is the preferred malware attack vector and that in 1Q08 a new infected webpage was discovered every five seconds. depth strategy in place complete with an Endpoint... [13 Nov 2009]
The Latest in "Hybrids": Deployment Models for Email Security
White Paper As network and application vulnerabilities continue to grow in the presence of an increasingly aggressive and sophisticated mix of attack vectors, organizations continue to struggle with balancing the... [12 Nov 2009]
A Dynamic Technique for Enhancing the Security and Privacy of Web Applications
White Paper It introduces a technique for enhancing the security and privacy for a web-based solution, by augmenting its execution environment to include tracking information that permits to efficiently identify and thwart several... [11 Nov 2009]
Laying the IT Security Foundation - Corralling Conficker and Other Threats in an Evolved Environment
White Paper The traditional security approach addresses each individual attack as it crops up through a detect and blocking schema. However in today's ever-changing IT environment, sophisticated threats such as... [29 Oct 2009]
An Anatomy of a Web Hack: SQL Injection Explained
White Paper The nation of SQL injection isn't new, but is still widely misunderstood and many sites are still vulnerable to attack. By using a security appliance such as WebDefend, along with beefing up... [06 Oct 2009]
The Web Hacking Incidents Database 2008: Annual Report
White Paper Unlike other resources covering web site security, which focus on the technical aspect of an incident, the WHID focuses on the impact of the attack. The Web Hacking Incident Database (WHID) is a project... [06 Oct 2009]
Scraping, Denial of Service, and Brute Force Attacks! Oh My!: Identifying and Controlling Automated Clients
White Paper When a guessed password allows access to the system, the brute force attack has been successful and the attacker is able access the account. Anti-Automation defenses are critical in today's web... [06 Oct 2009]
WebDefend and the OWASP Top Ten
White Paper This webcast provides a reference guide outlining how WebDefend's collaborative attack detection can help address each of top ten issues reported by OWASP. With all the web application attacks and... [02 Oct 2009]
Think You Are Immune From a Web Application Attack - Think Again!
White Paper Breach Security recently announced that web attackers unleashed a new type of SQL injection attack in 2008 that compromised more than 500,000 websites, according to its Web Hacking Incidents Database... [01 Oct 2009]
The Web Hacking Incidents Database (WHID): Trends in Web Application Security
White Paper In addition, in many cases of web attacks victims hide the breach or are not aware that a web attack had occurred. The presenter will provide with attack and vulnerability resources. What are the... [01 Oct 2009]
The Web Hacking Incidents Database 2009: Bi-Annual Report
White Paper Attack vectors exploiting the Web 2.0 features such as user-contributed content were commonly employed. The WHID project is dedicated to maintaining a record of web application-related... [01 Oct 2009]
Microsoft releases emergency patch to plug critical ActiveX hole
News However, researchers figured out a way to get around the kill bit protection mechanism, thus rendering it ineffective and exposing the system to attack, said Eric Schultze, chief technology officer at Shavlik Technologies. [29 Jul 2009]
Keep updated for stories matching attack application security via RSS
