The IBM Security Ethical Hacking Team has put together a video series that demonstrates attacks from each category from OWASP’s Top 10 list. Each video includes information on how to prevent these attacks and how to use automated tools to test whether attacks are possible. These videos were initially intended for IBM internal use but have now recently been made publicly available.
You can watch all 10 videos at:
To learn more about the OWASP 10 most common application attacks and how to defend against them, register for our upcoming webinar: Avoiding Application Attacks — A Guide to Preventing the OWASP Top 10 from Happening to You.
Today's modern web applications are more than a match for most desktop PC applications and continue to push boundaries by taking advantage of limitless cloud services. But more powerful web applications means more complicated code, and the more complicated the code, the greater the risk of coding flaws — which can lead to serious security vulnerabilities within the application. Web application vulnerabilities face exploitation by relentless malicious actors, bent on profiteering from data theft, or gaining online notoriety by causing mischief. This article looks at securing web applications by adopting industry best application development practices, such as the OWASP Top 10 and using web application vulnerability scanning tools, like IBM Rational® AppScan®.
You might also be interested in:
IBM Security AppScan is a leading application security testing suite designed to help manage vulnerability testing throughout the software development lifecycle. IBM Security AppScan automates vulnerability assessments and scans and tests for all common web app vulnerabilities, including SQL injection, cross-site scripting, buffer overflow, and new flash/flex app and Web 2.0 exposure scans.
AppScan provides full coverage of the OWASP Top 10 for 2013. Our solution also includes support for industry-standard Transport Layer Security (TLS) protocol 1.2, and is compliant with Federal Information Publication Standard (FIPS) 140-2 and National Institute of Standards and Technology (NIST) Special Publication (SP) 800-131a.
Download a trial version of AppScan Standard.
Comment (1) Visits (6565)
Arxan Technologies has post
You might also be interested in....
Defending against malware: A holistic approach to one of today’s biggest IT risks
This white paper will examine the changing strategies that malware has employed in recent years, explain the typical sequence of events that occurs during an attack, and describe how an integrated defense can help keep the enterprise safe from these advanced persistent threats.