Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Webinar - Unveil and Protect the Most Vulnerable Subdomains, IPs, and Apps

Is your business unknowingly inviting #securitythreats? With multiple hidden weak links in an organization's #externalattacksurface, keeping track of them and avoiding them from getting exploited is an uphill task. In this webinar, Vivekanand Gopalan (VP of Product Management, Indusface) discusses best practices for finding weak links within an organization and building defense-in-depth around it.

Indusface Threat Coverage: MOVEit Transfer SQL Injection Vulnerabilities

Progress has recently raised concerns about multiple vulnerabilities in their MOVEit Transfer secure managed file transfer solution. These vulnerabilities have been publicly disclosed within the past several weeks, and the most recent one was reported on June 15, 2023. Notably, the latest vulnerability is claimed to be a zero-day SQL injection vulnerability. If exploited by an attacker, these vulnerabilities can lead to unauthorized access to the MOVEit Transfer database.

Dynamic Data Masking | (Sanjay - Executive Director, MSCI)

Here are some highlights of the conversation between Sanjay (Executive Director, MSCI) and Venky (Founder, Indusface). Sanjay has worked in Microsoft for over 14+ years and shares his experience on secure coding best practices & methods to handle customer-sensitive data. Key highlights from the discussion.

Android App Penetration Testing Checklist with 154 Test cases [Free Excel File]

Get Free Android App Penetration Testing Checklist With 2.9 million apps, the Android Play Store is the most widely adopted mobile operating system. With its vast opportunities, Android also draws the attention of malicious hackers who continuously seek to exploit weaknesses in mobile applications. Because of security concerns, Google has banned many apps from the Play Store. Building a secure Android app requires thorough mobile application penetration testing.

Over 2 million Websites Vulnerable to XSS Exploit (CVE-2023-30777) in WordPress Plugin

A zero-day vulnerability, denoted by the CVE identifier CVE-2023-30777, exposes a dangerous reflected cross-site scripting (XSS) flaw. This high-severity vulnerability has been discovered within the WordPress plugin (Advanced Custom Fields (ACF) and Advanced Custom Fields Pro). The CVE-2023-30777 exposes over 2 million installations to security risks, triggering widespread concern and anxiety among website owners and administrators.

Secure Coding Best Practices & WAAP for Application Hardening (Sanjay - Executive Director, MSCI)

Overview: In this podcast, Sanjay (Executive Director, MSCI) talks to Venky about secure coding best practices & methods to handle customer-sensitive data. He also shares why securing software isn't an accident and requires cautious efforts at an organizational level to make it possible.

API7:2019 Security Misconfiguration: The What, Sample Exploits, and Prevention Methods

Security misconfigurations are very common security risks, not just in web applications but also in APIs. They have been consistently part of the OWASP Top 10 Web Application Vulnerabilities. They were part of the original OWASP Top 10 API Security Risks published in 2019 and have now made it to the updated 2023 list. Security misconfiguration maintains its 7th rank in OWASP Top 10 API 2023RC owing to its widespread prevalence, easy exploitability, and easy detectability.

What Is Cyber Security Audit and How Is It Helpful for Your Business?

When was the last time you performed your cybersecurity audit? An audit of complete cybersecurity management, not a simple scan. If it has been longer than you remember, then you are probably at risk of being a victim of cyberattacks. As the world becomes increasingly interconnected, the risk of cyberattacks escalates. To safeguard against these threats, it is essential to have a robust cybersecurity management system in place.

Webinar - Zero-Day, DDoS, Bot & API Attack Trends

We analyzed 1 billion+ #zeroday, #DDoS, #API, and #bot attacks on 1400+ applications blocked in Q1 2023. And it's a 30% bump over Q4 2022! In this webinar, Vivekanand Gopalan, VP of Product Management, unfolds the findings after analyzing these attacks and gives actionable tips to protect businesses from emerging threats.