Internet Application Security

Email Alerts

Register now to receive SearchSoftwareQuality.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Understanding XPath injection

    XPath injection is similar to SQL injection and other injection attacks, but this XML exploit has its own unique set of issues. Web services expert Rami Jaamour details how these exploits work -- and how you can avoid them. 

  • Injection attacks -- Knowledge and prevention

    SQL injection is recognized as a major threat to application security, but what about other injection attacks? SPI Dynamics' Caleb Sima dissects these exploits and offers straightforward prevention techniques in this podcast. 

  • One simple rule to make your Web apps more secure

    If there's one thing developers should do to increase Web applications security, it's input validation, according to Caleb Sima, founder and CTO of SPI Dynamics. In this interview, he discusses the most dangerous threats to Web applications, such as... 

  • Malicious code injection: It's not just for SQL anymore

    Injection attacks are ubiquitous, and SQL injection is only one version of the exploit. S.P.I. Dynamics' Bryan Sullivan describes these attacks and how to prevent them. 

  • Web services threats require specialized application security

    Web services are increasingly targeted for attack. These applications have a unique set of vulnerabilities, threats and countermeasures. Michael Cobb explains how to avoid XML bombs, XML denial-of-service and other exploits in this tip. 

  • session hijacking (TCP session hijacking)

    Session hijacking, also known as TCP session hijacking, is a method of taking over a Web user session by surreptitiously obtaining the session ID and masquerading as the authorized user... (Continued) 

  • content spoofing

    Content spoofing is a type of exploit used by a malicious hackers to present a faked or modified Web site to the user as if it were legitimate. 

  • XSS prevention in Java

    Cross-site scripting exploits can devastate Java apps. With XSS attacks on the rise, expert Ramesh Nagappan explains how to prevent these exploits in J2EE applications through proper input validation and other methods. 

  • Shell script security: Protecting your code

    Shell scripts are vulnerable to bugs and exploits like any other programming language. Learn how to secure your script and protect your applications with these tips from James Turnbull. 

  • cross-site tracing (XST)

    Cross-site tracing (XST) is a sophisticated form of cross-site scripting (XSS) that can bypass security countermeasures already put in place to protect against XSS... (Continued)