I am continuously working on the content for Invicti Learn – an encyclopaedia-like project that aims to cover as many topics as possible related to web application security. https://www.invicti.com/learn/
Are you considering using an open-source vulnerability scanner to secure your web applications? In some cases, this is an excellent idea, but in other circumstances, it may reduce your initial costs only to greatly increase them later. Let us guide you and show you the factors you should consider as well as some of the … Continue reading Which open-source vulnerability scanner is right for you?
(Ghostwritten for Cristina Pop) Protected health information (PHI) is a specific type of personally identifiable information (PII) that relates to medical records as well as any past, present, or future information about an individual’s physical or mental health. This specific type of PII is covered by the Health Insurance Portability and Accountability Act of 1996 … Continue reading 4 ways DLP helps secure PHI
Path traversal attacks against Java web applications can expose sensitive information and allow escalation to more dangerous attacks. This post provides an overview of Java path traversal and announces an Invicti technical paper and open-source tool. Path traversal/directory traversal vulnerabilities allow malicious hackers to abuse user input to access files on the web server or the … Continue reading Path traversal in Java web applications – announcing the Invicti technical paper
(Ghostwritten for Kellie Vugrincic) In October 2022, Invicti organized its first Cybersecurity Roadshow event in Malta. Invicti staff visited MCAST to meet the students and faculty for a discussion of cybersecurity as both a field of study and a promising career path. At Invicti, we want to be a pillar of the local community, wherever that … Continue reading Invicti Malta Cybersecurity Roadshow 2022 at MCAST
(Ghostwritten for Roman Foeckl) Business leaders interested in professional IT solutions for enterprises will likely turn to the technological research and consulting company Gartner, Inc. and their famous Magic Quadrant reports before making any purchases. For many industries and specializations, the Magic Quadrant is one of the primary tools used for the initial evaluation of … Continue reading The Story of the Missing Gartner Magic Quadrant for Enterprise DLP
(Ghostwritten for Zoran Cocoara) In recent years, Slack became a de facto standard platform for business communications within business teams. Originally, it was a cloud service designed primarily for developers and IT personnel. However, now it is often the selected means of collaboration amongst most departments in both young startups as well as established companies. … Continue reading Slack security concerns and how DLP helps overcome them
(Ghostwritten for Roman Foeckl) Just a decade or two ago, cybersecurity used to be a concern only for the most prominent market players. Today, in the age of digital transformation, everyone is on their toes, even the smallest businesses. Handling cybersecurity is no longer just about protecting yourself against viruses and spyware and occasional network … Continue reading Is there a disconnect between business leaders and security teams?
Every data breach is costly, but it doesn’t take a sophisticated attacker to get your company into big trouble. Web application security is your first line of defense – and here’s why you cannot afford to drop your guard. Perhaps you feel that security vendors are trying to sell you something by scaremongering. After all, … Continue reading Can you afford to cut back on web application security?
(Ghostwritten for Chris Roney) Data is the new gold. The value of sensitive information and personal data may not seem that great but its leakage is one of the most costly disasters for all types of organizations – businesses, governments, and other institutions. The lack of suitable data protection is an accident waiting to happen because cybercriminals … Continue reading 5 Recommendations for User Data Protection and Data Privacy
The automotive industry is one of the victims of the extremely rapid onset of the digital age. For a few decades, the car computer was just a fancy name for a very simple electronic control unit (ECU) monitoring the engine. The road vehicle would run fine with the computer turned off, it would just be … Continue reading Automotive cyber security standards: ISO/SAE 21434 and more