March 2023

16 Ways Cloud WAFs are Better than On-Premise WAFs

Mar 30, 2023 By Indusface In Indusface

A Web Application Firewall (WAF) is a security solution designed to protect web applications from various attacks, including SQL injection, cross-site scripting (XSS), and others. There are two types of WAF: on-premise and cloud-based.

Read Post

Indusface

Read more about 16 Ways Cloud WAFs are Better than On-Premise WAFs

What is WAAP? - A Quick Walk Through

Mar 29, 2023 By Vinugayathri Chinnasamy In Indusface

Many of the businesses that already have revenue-generating web applications are starting an API-first program. Now, old monolithic apps are being broken into microservices developed in elastic and flexible service-mesh architecture. The common question most organizations grapple with is – how to enhance application security designed for web apps to APIs and API security? Protecting APIs against modern cyber threats requires going beyond the traditional solutions.

Read Post

Indusface

Read more about What is WAAP? - A Quick Walk Through

27 Most Notorious Hacks in History that Fall Under OWASP Top 10

Mar 28, 2023 By Venkatesh Sundar In Indusface

Hacks and data leaks have affected many major players in recent years, including AT&T Vendor(9 Million accounts), T-Mobile (37 Million accounts), JD Sports(10 Million), MyDeal (2.2Million), Dropbox (nearly 69 million accounts), Flagstar bank (1.5 Million) and eBay (145 million). Those were bad. But not the worst. What are the most notorious hacks in history? They’re subject to debate, but these 27 attacks categorized under OWASP Top 10 would be strong candidates for the title.

Read Post

Indusface

Read more about 27 Most Notorious Hacks in History that Fall Under OWASP Top 10

A Sub-Domain Takeover Story, Two Questions for Every WAF Provider | Sunil Agrawal (CISO, Glean)

Mar 27, 2023 By Indusface In Indusface

In this SaaSTrana podcast, Sunil Agrawal (CISO, Glean) shared his insights with Venky on the evolution of cybersecurity attacks and changes in hacker behavior over the years. He also shares his experience of a sub-domain takeover and how it led him to build foundationally secured SaaS products.

Read Post

Indusface

Read more about A Sub-Domain Takeover Story, Two Questions for Every WAF Provider | Sunil Agrawal (CISO, Glean)

SOC 2 Compliance for SaaS Startups & Top Pitfalls to Avoid

Mar 21, 2023 By Indusface In Indusface

In this episode of SaaSTrana, Venky and Raghu, Co-Founder of Sprinto, discusses why SaaS companies should pay close attention to security measures to become SOC 2 compliant.

Read Post

Indusface

Read more about SOC 2 Compliance for SaaS Startups & Top Pitfalls to Avoid

Merging WAF and IAM Capabilities for Next-gen Security | Scott Tomilson (Sr.Director, Ping Identity)

Mar 21, 2023 By Indusface In Indusface

In this podcast, Scott Tomilson (Sr.Director, Ping Identity) talks with Venky about best practices for implementing Single Sign-On (SSO) in SaaS apps. He also discusses how applications are at risk due to humans, devices, and apps. And having behavioral-based anomaly scoring and security is the need of the hour.

View Video

Indusface

Read more about Merging WAF and IAM Capabilities for Next-gen Security | Scott Tomilson (Sr.Director, Ping Identity)

API4:2019 - Lack of Resources & Rate Limiting: The What, Sample Exploit, and Prevention Methods

Mar 16, 2023 By Indusface In Indusface

Lack of resources & rate limiting is #4 on the OWASP Top 10 API Security Risks 2019. It is a prevalent API security risk. As per OWASP, rate limiting and resource-related flaws in APIs are quite easy to exploit, especially with automated toolkits and for-hire services. But the exploitation of the lack of resources & rate limiting flaws has severe consequences for the organization. So, what exactly is this security risk, and how do you prevent it?

Read Post

Indusface

Read more about API4:2019 - Lack of Resources & Rate Limiting: The What, Sample Exploit, and Prevention Methods

Patching Vulnerabilities Within 24 hours

Mar 16, 2023 By Indusface In Indusface

The average time of vulnerabilities remain open is 180+ days from the time it is discovered. When it comes to business growth vs security, business always wins, which means vulnerabilities are not patched on time allowing hackers to exploit them. However, most of these can be patched using Virtual patching. That too within 24 hours and ZERO impact to business continuity.

View Video

Indusface

Read more about Patching Vulnerabilities Within 24 hours

API2:2019 Broken User Authentication: The What, Impact, Sample Exploit, and Prevention Methods

Mar 15, 2023 By Indusface In Indusface

API2:2019 Broken User Authentication happens when an attacker bypasses an API’s authentication and authorization mechanisms and gains access to sensitive data or functionality that should only be available to authorized users.

Read Post

Indusface

Read more about API2:2019 Broken User Authentication: The What, Impact, Sample Exploit, and Prevention Methods

Dynamic Endpoints for API security | Kashi (Co-Founder & CTO Fitbots)

Mar 13, 2023 By Indusface In Indusface

Here are some highlights of the conversation between Kashi (Co-founder & CTO, Fitbots OKRs) & Venky (Founder & CMO, Indusface). They discuss various methods of data protection and utilizing dynamic endpoints for API security.

View Video

Indusface

Security

Read more about Dynamic Endpoints for API security | Kashi (Co-Founder & CTO Fitbots)

The Explosion of APIs and Nuances of API Security | Kashi (Co-founder & CTO, Fitbots)

Mar 13, 2023 By Indusface In Indusface

Here are some highlights of the conversation between Kashi (Co-founder & CTO, Fitbots OKRs) & Venky (Founder & CMO, Indusface). They discuss how the API adoption growth will lead to an exponential increase in API security needs. Adopting multiple business services & securely integrating with them will be the future for running a sustainable long-term business. They cover a bunch of other aspects in the SaaSTrana Podcast, like: - API security with dynamic endpoints

View Video

Indusface

API
Security

Read more about The Explosion of APIs and Nuances of API Security | Kashi (Co-founder & CTO, Fitbots)

19 Cybersecurity Trends Every CISO Must Prepare for in 2023

Mar 9, 2023 By Indusface In Indusface

We saw numerous cybersecurity breaches in 2022. The attacks became more sophisticated, the bots got sneakier, and the cost of breaches multiplied. Yet, enterprises were underprepared to deal with the well-known threats. With the rise of new technologies and the increased adoption of remote work, cybercriminals have quickly adapted their tactics. They are now targeting businesses in ways never seen before.

Read Post

Indusface

Read more about 19 Cybersecurity Trends Every CISO Must Prepare for in 2023

A Sub-Domain Takeover Story, Two Questions for Every WAF Provider | Sunil Agrawal (CISO, Glean)

Mar 9, 2023 By Indusface In Indusface

Overview: In this podcast, we have Sunil Agrawal (CISO, Glean), who has 22+ years of cybersecurity experience and 35+ patents in his name. He has worked in organizations like Adobe, Netflix, Motorola, Qualcomm, etc., and has seen the evolution of cybersecurity attacks and changes in hacker behavior over the years. He shares his experience of a sub-domain takeover and how it led him to build foundationally secured SaaS products.

View Video

Indusface

Read more about A Sub-Domain Takeover Story, Two Questions for Every WAF Provider | Sunil Agrawal (CISO, Glean)

10 API Security Tips you must know

Mar 7, 2023 By Indusface In Indusface

Cloud services have made the world a highly interconnected ecosystem. Enterprises leverage services (virtual and physical) provided by other enterprises rather than build them from scratch, creating a web of connected devices, applications, and users. An API is one such service. About Indusface: Indusface is a SaaS company that secures critical Web applications of 5000+ global customers using its award-winning platform that integrates Web application scanner, Web application firewall, CDN, and threat information engine.

View Video

Indusface

API
Security

Read more about 10 API Security Tips you must know

API Security 101: Understanding the Risks and Implementing Best Practices

Mar 3, 2023 By Vinugayathri Chinnasamy In Indusface

API security is the process of effectively securing APIs owned by the organization and external APIs used by implementing API-specific security strategies. It secures API vulnerabilities and misconfigurations and prevents their exploitation by attackers. It mitigates a wide range of API security threats and helps effectively manage risks associated with APIs.

Read Post

Indusface

Read more about API Security 101: Understanding the Risks and Implementing Best Practices

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

March 2023

16 Ways Cloud WAFs are Better than On-Premise WAFs

What is WAAP? - A Quick Walk Through

27 Most Notorious Hacks in History that Fall Under OWASP Top 10

A Sub-Domain Takeover Story, Two Questions for Every WAF Provider | Sunil Agrawal (CISO, Glean)

SOC 2 Compliance for SaaS Startups & Top Pitfalls to Avoid

Merging WAF and IAM Capabilities for Next-gen Security | Scott Tomilson (Sr.Director, Ping Identity)

API4:2019 - Lack of Resources & Rate Limiting: The What, Sample Exploit, and Prevention Methods

Patching Vulnerabilities Within 24 hours

API2:2019 Broken User Authentication: The What, Impact, Sample Exploit, and Prevention Methods

Dynamic Endpoints for API security | Kashi (Co-Founder & CTO Fitbots)

The Explosion of APIs and Nuances of API Security | Kashi (Co-founder & CTO, Fitbots)

19 Cybersecurity Trends Every CISO Must Prepare for in 2023

A Sub-Domain Takeover Story, Two Questions for Every WAF Provider | Sunil Agrawal (CISO, Glean)

10 API Security Tips you must know

API Security 101: Understanding the Risks and Implementing Best Practices

Monthly Archive

Follow Us