Most WAF providers rely on reactive methods, responding to vulnerabilities after they have been discovered and exploited. However, we believe in proactively addressing potential risks, and using AI to achieve this. Today we are sharing a recent example of a critical vulnerability (CVE-2023-46805 and CVE-2024-21887) and how Cloudflare's Attack Score powered by AI, and Emergency Rules in the WAF have countered this threat.

ARMO’s new feature revolutionizes Kubernetes vulnerability scanning based on eBPF technology to help Kubernetes and DevSecOps practitioners focus on fixing the vulnerabilities that impact their security posture the most.

VikRentCar is a popular car rental management system that is also available as a WordPress plugin. The plugin provides a hassle-free and reliable rent reservation system for cars, scooters, motorbikes, boats, and any other vehicles.

McKinsey is calling 2023 “generative AI’s breakout year.” In one of their recent surveys, a third of respondents reported their organizations use GenAI regularly in at least one business function. But as advancements in AI continue to reshape the tech landscape, many CCISOs are left grappling with this question: How does AI impact software development cycles and the overall security of business applications?

On January 10, 2024, Juniper Networks released patches to remediate a critical vulnerability (CVE-2024-21591) in Junos SRX and EX series devices. CVE-2024-21591 could allow a threat actor to cause a denial of service (DoS) or achieve unauthenticated remote code execution (RCE) with root privileges. The vulnerability impacts the J-Web component of Junos OS, the operating system running on the devices. The vulnerability was discovered during external security research.

On January 16, 2024, Citrix published a security bulletin disclosing two zero-day vulnerabilities (CVE-2023-6548 & CVE-2023-6549) being actively exploited in Citrix NetScaler ADC and NetScaler Gateway.

To initiate an Indusface WAS vulnerability scan on your URL, confirming ownership of the URL or domain being scanned is essential. This verification is an additional security measure to prevent unauthorized users from conducting scans on your URL or domain and revealing potential vulnerabilities. There are 3 different methods to verify your URL.

Two vulnerabilities have been detected in in Citrix NetScaler ADC and NetScaler Gateway. These vulnerabilities are being tracked as CVE-2023-6549 and CVE-2023-6548 with CVSS scores of 8.2 and 5.5 respectively. They are under active exploitation, affecting the following product versions.

The OWASP Mobile Application Security Testing Guide (MASTG) and the OWASP Mobile Application Security Verification Standard (MASVS) are two vital resources that have been instrumental in reshaping the landscape of mobile app security. Developed by cybersecurity experts, the MASTG is an elaborate manual that describes the technicalities for meeting the security requirements listed in the OWASP Mobile Application Security Verification Standard (MASVS).

Your mobile apps are your business's face to the world. As an app creator or business owner, credibility is everything, and security is the cornerstone upon which it stands. Now, with the digital ecosystem being highly susceptible to breaches, even a single slip in security can shatter the trust your users have in your brand, tarnishing the hard-earned credibility of your business. This is why mobile app security is key to your business’s growth.