Home >
White Papers
Changing the Game: The New Security Threats Facing Your Organization
With the explosion of web applications available today, comes a host of new and ever-changing threats to data security. Web applications expose a significant risk to organizations – as well as their consumers – and hackers are continuously finding new ways to exploit these applications. But what are the top threats facing web applications? And how can businesses remediate and protect against attacks? This white paper discusses the latest web application challenges, organizational considerations, business costs associated with security issues, and tips to maintain the integrity of an organization’s web applications. In addition, readers will gain an understanding of the top web application attacks, such as SQL injection, cross-site scripting, session hijacking, and scraping, and how to best remediate these tactics.
Anatomy of a Web Hack—SQL Injection Explained
While there are many types of attacks against your organization, none are as simple or as potentially destructive as what is known as a SQL injection. This attack is used to manipulate your organizations web applications to extract sensitive information straight out of your corporate databases and is one of the more popular attacks employed in identity theft incidents. This white paper provides a step-by-step walkthrough of the attack, describing its consequences and defense strategies.
The Business Case for Web Application Firewalls
by Ken Tyminski, former Vice President and Chief Information Security Officer for the Prudential Insurance Company of America.
In addition to protecting web applications against attacks, web application firewalls can help organizations bring their technology strategies and business objectives into alignment. Authored by Ken Tyminski, former Vice President and Chief Information Security Officer for the Prudential Insurance Company of America, this white paper discusses how web application firewalls allow organizations to deploy their web applications more rapidly, achieve significant cost savings in the process, and increase the coordination between their security and development teams.
Enough With Default Allow In Web Applications!
The default allow deployment model used by web applications is the cause of numerous security problems-it forces applications to accept any requests, rather than only those they can handle. This white paper proposes the adoption of a default deny model to remove several classes of vulnerabilities and significantly reduce the attack surface for many others. The default deny model works best when adopted during application development, but can be nearly as efficient in other phases of the software development lifecycle or during deployment.
An Evaluation of the ModSecurity Pro M1100 Relative to the Payment Card Industry
by The Aegenis Group.
The leader in providing training, risk management, and strategic consulting in the Payment Card Industry (PCI) takes a look at ModSecurity M1100 to evaluate the features and functions of the device relative to the needs of the payments industry. This white paper reviews Ease of Installation and Use, Product Features and Support of Industry Considerations.
An Evaluation of WebDefend Relative to the Payment Card Industry
by The Aegenis Group.
The leader in providing training, risk management, and strategic consulting in the Payment Card Industry (PCI) takes a look at ModSecurity M1100 to evaluate the features and functions of the device relative to the needs of the payments industry. This white paper reviews Ease of Installation and Use, Product Features and Support of Industry Considerations.
Guide to PCI Compliance for Web Applications
On the surface, the Payment Card Industry Data Security Standard (PCI DSS) reads as a series of absolutes. Yet, in meeting Requirement 6.6, organizations have a choice—they must either protect their web applications by a web application firewall or undergo a code review by an organization that specializes in application security. How do you decide which solution is right for your organization? This free white paper will help you make that choice.
Why Organizations Need Web Application Firewalls
More and more organizations are using the web to conduct business and hackers are taking advantage of the opportunity this trend presents. Web applications are hackers’ new target of choice as evidenced by the growing number of recent, high-profile security breaches. This white paper will discuss the reasons for the increase in attacks on web applications, why network security solutions, application vulnerability scanning, and secure coding initiatives do not provide sufficient protection, and how web application firewalls can provide continuous security for production web applications.