Author: Sam Alapati

You may think that since you have secured your network through firewalls and intrusion prevention devices, you must be secure. Not so fast! Attackers are constantly on the prowl, looking for any server or service they can exploit in your network. For example, a poorly configured web or mail server can be identified with an unauthorized external network scan. It’s not uncommon for a software package to automatically install an Apache server, for example, without the administrator or installer being […]

The Open Web Application Security Project (OWASP) releases a list of the top ten web application vulnerabilities each year. OWASP is a non-profit open community dedicated to helping organizations develop and maintain trusty worthy web applications. The OWASP Top Ten represents the consensus option in the field about the most critical web application security flaws. Companies can perform web application vulnerability assessments to ensure they can find if those applications contain any of the vulnerabilities in the Top Ten list. […]

Frost & Sullivan and the security professional group (ISC)2 recently conducted a survey on the state of security work force. The survey’s leader says that information security professionals are too busy with their day-to-day work to devote enough time for security related work. This inability to focus on security work leaves IT security professionals unprepared for major technological changes such as cloud computing and the increasingly sophisticated spectrum of application security threats. The survey’s report states that companies are potentially […]

One of the most vulnerable security areas is malicious software that hackers piggyback on to steal your data. Companies may suddenly find their E-Mail systems hacked because an employee unwittingly opened a malicious email attachment. Hackers target companies through malicious software that gains entry to your system though email attachments, web browser and mobile devices. To counteract malware, you must use antivirus and anti spyware software. Tools such as this can detect malware and block their execution. If you want […]

One of the most vulnerable areas of web applications is the authentication and session management. Weak authentication and session management enlaces hackers to steal passwords, session tokens, encryption keys and even assume the identity of legitimate users. Session IDs are frequently exposed without the SSL or TSL protection or revealed through the rewriting of URLs. The attackers could be external hackers or insiders who want to use other user’s accounts to perform malicious acts. The problem is caused mainly because […]