Get a free application, infrastructure and malware scan report - Scan Your Website Now

API SecurityApplication Security TestingAppTrana Feature UpdatesAttacks & Data BreachesBotCDNComplianceCybersecurityData ProtectionDDoSEvents 2022Events 2023IndusfaceMobile Application SecurityNews 2022News 2023News 2024News 2025OWASP API Top 10OWASP Top 10Penetration TestingSaaSTranaSecurity BulletinSQL Injection AttacksSSLVulnerability ManagementVulnerability ScanningWAAPWAS Feature UpdateWeb Application FirewallWeb Application ScanningWeb Application SecurityWebsite HackingWebsite SecurityZero Day Attacks

Indusface Blog

All
ScreenConnect Authentication Bypass
Calender IconFebruary 26, 2024
Author Icon
Clock Icon 3 min Read
ScreenConnect Authentication Bypass (CVE-2024-1709 & CVE-2024-1708)

Uncover critical security flaws in ConnectWise ScreenConnect (CVE-2024-1709 & CVE-2024-1708) posing remote code execution risks. Actively exploited in the wild.

Read More...
how to find xxe vulnerability
Calender IconFebruary 13, 2024
Author Icon
Clock Icon 8 min Read
XML External Entity (XXE): How to Identify and Fix Vulnerabilities

XML External Entity (XXE) is a vulnerability where attackers exploit XML parsers to access sensitive files, trigger DoS, or run remote code via malicious input

Read More...
What is Zero day Vulnerability?
Calender IconFebruary 5, 2024
Author Icon
Clock Icon 7 min Read
Zero-day Vulnerability – Examples, Detection & Prevention [+ Monthly 0-day Reports]

Zero-day vulnerabilities refer to unpatched flaws exploited by attackers before fixes, posing significant security risks to both software and hardware.

Read More...
Zero Vulnerability Report - SwyftComply
Calender IconFebruary 2, 2024
Author Icon
Clock Icon 3 min Read
Autonomous Patching in 72 Hours: Understanding SwyftComply on AppTrana WAAP

Explore SwyftComply: AppTrana WAAP’s autonomous patch feature ensuring zero vulnerability reports to meet compliance with SOC 2, PCI, and more, all in 72 hours.

Read More...
How to prevent SYN Flood Attack?
Calender IconJanuary 25, 2024
Author Icon
Clock Icon 8 min Read
SYN Flood Attack: The What, Impact, and Prevention Methods

A SYN flood is a type of DDoS attack where the attacker overwhelms a server with excessive SYN requests, causing resource exhaustion and service disruption.

Read More...
URL Verification Method in Indusface WAS
Calender IconJanuary 22, 2024
Author Icon
Clock Icon 2 min Read
A Step-by-step Guide to URL Verification in Indusface WAS

Secure your Indusface WAS vulnerability scan with our guide to URL verification. Confirm ownership and prevent unauthorized access in 3 simple methods

Read More...
XML RPC
Calender IconJanuary 17, 2024
Author Icon
Clock Icon 6 min Read
What is XML-RPC? Benefits, Security Risks, and Detection Techniques

vulnerability. An attacker may exploit this issue to execute arbitrary commands or code in the context of the webserver. This may facilitate various attacks

Read More...
API-Discovery
Calender IconJanuary 17, 2024
Author Icon
Clock Icon 9 min Read
API Discovery: Definition, Importance, and Step-by-Step Guide on AppTrana WAAP

By identifying & cataloging in-use APIs, API discovery enables organizations to assess security risks associated with each API upon inventory creation.

Read More...
Apache OFBiz Zero day vulnerability
Calender IconJanuary 16, 2024
Author Icon
Clock Icon 4 min Read
Critical Apache OFBiz Zero-day AuthBiz (CVE-2023-49070 and CVE-2023-51467)

The Apache OfBiz ERP system is found to have a zero day flaw (CVE-2023-51467) that may lead to unauthorized access. Explore the impact & patch details.

Read More...
What is vulnerability testing?
Calender IconJanuary 12, 2024
Author Icon
Clock Icon 7 min Read
What is Vulnerability Testing? Benefits, Tools, and Process

Vulnerability testing systematically identifies and evaluates weaknesses in digital systems, enabling proactive cybersecurity measures and threat mitigation.

Read More...
Website Security Threats
Calender IconJanuary 5, 2024
Author Icon
Clock Icon 6 min Read
5 Website Security Threats and How to Prevent Them

The volume, size, sophistication, and impact of website security threats are fast increasing, making their prevention imperative. Read more.

Read More...
Apache Struts 2 Vulnerability CVE-2023-50164
Calender IconDecember 21, 2023
Author Icon
Clock Icon 2 min Read
Apache Struts 2 Vulnerability CVE-2023-50164 Exposed

The latest vulnerability CVE-2023-50164 disclosed on Apache Struts affects the Struts 2 framework’s file upload logic, allowing unauthorized path traversal.

Read More...
Managed WAF

Join 51000+ Security Leaders Get weekly tips on blocking ransomware, DDoS and bot attacks and Zero-day threats.

AppTrana

Fully Managed SaaS-Based Web Application Security Solution

Get free access to Integrated Application Scanner, Web Application Firewall, DDoS & Bot Mitigation, and CDN for 14 days

Get Started for Free Request a Demo

Gartner

Indusface is the only cloud WAAP (WAF) vendor with 100% customer recommendation for 4 consecutive years.

A Customers’ Choice for 2024, 2023 and 2022 - Gartner® Peer Insights™

The reviews and ratings are in!