Get a free application, infrastructure and malware scan report - Scan Your Website Now

API SecurityApplication Security TestingAppTrana Feature UpdatesAttacks & Data BreachesBotCDNCompliance SecurityCybersecurityData ProtectionDDoSEvents 2022Events 2023IndusfaceMobile Application SecurityNews 2022News 2023News 2024News 2025OWASP API Top 10OWASP Top 10Penetration TestingSaaSTranaSecurity BulletinSQL Injection AttacksSSLVulnerability ManagementVulnerability ScanningWAAPWAS Feature UpdateWeb Application FirewallWeb Application ScanningWeb Application SecurityWebsite HackingWebsite SecurityZero Day Attacks

Indusface Blog

All
CVE-2024-8517 - Unauthenticated Remote Code Execution in SPIP
Calender IconSeptember 13, 2024
Author Icon
Clock Icon 3 min Read
CVE-2024-8517 – Unauthenticated Remote Code Execution in SPIP

A command injection flaw (CVE-2024-27348) in SPIP allows remote attacks without authentication. Learn mitigation steps & how AppTrana provides Day 0 protection.

Read More...
Vulnerability Management Challenges
Calender IconSeptember 13, 2024
Author Icon
Clock Icon 5 min Read
Top 8 Vulnerability Management Challenges and How to Overcome Them

Uncover top vulnerability management challenges & where organizations go wrong in addressing security gaps. Learn effective strategies to overcome these issues.

Read More...
vulnerability scan
Calender IconAugust 30, 2024
Author Icon
Clock Icon 5 min Read
How Frequently Should We Run a Vulnerability Scan?

Understand how to determine the perfect frequency for vulnerability scans. Protect critical systems, manage risks, and maintain compliance effectively.

Read More...
OWASP Top 10 client side risks
Calender IconAugust 30, 2024
Author Icon
Clock Icon 5 min Read
Understanding OWASP Top 10 Client-Side Risks

Understand the OWASP Top 10 Client-Side Risks, common vulnerabilities in client-side code, and practical strategies to mitigate these threats effectively.

Read More...
What is Formjacking attack?
Calender IconAugust 26, 2024
Author Icon
Clock Icon 4 min Read
Formjacking Attacks – How They Work and How to Prevent Them

Discover Formjacking attacks, their impact on businesses, effective prevention strategies, and PCI DSS 4.0 requirements for client-side security compliance.

Read More...
How to prevent Magecart attacks?
Calender IconAugust 23, 2024
Author Icon
Clock Icon 6 min Read
Magecart Attack – Techniques, Examples & Preventions

What is a Magecart Attack? Magecart attacks are a form of digital skimming that targets insecure websites to steal payment information. These attacks involve injecting malicious JavaScript code into e-commerce.

Read More...
types of cyberattacks a waf is designed to stop
Calender IconAugust 22, 2024
Author Icon
Clock Icon 5 min Read
8 Types of Cyberattacks a WAF is Designed to Stop

8 common types of cyberattacks a WAF is designed to stop. Indusface WAF allows custom rules, prevents business logic flaws, assures zero false positives.

Read More...
CVE-2024-38856 –Apache OFBiz Pre-Auth RCE Vulnerability
Calender IconAugust 14, 2024
Author Icon
Clock Icon 5 min Read
CVE-2024-38856 –Apache OFBiz Pre-Auth RCE Vulnerability

A new zero-day vulnerability, CVE-2024-38856, has been discovered in the Apache OFBiz open-source enterprise resource planning (ERP) platform, presenting a critical threat to businesses worldwide. This pre-authentication remote code execution.

Read More...
Hotjar's OAuth+XSS Flaw
Calender IconAugust 1, 2024
Author Icon
Clock Icon 3 min Read
Hotjar’s OAuth+XSS Flaw Exposes Millions at Risk of Account Takeover

Hotjar’s OAuth+XSS flaw risks millions. Attackers exploit this vulnerability with deceptive links, exposing user data and leading to potential takeovers.

Read More...
Calender IconAugust 1, 2024
Author Icon
Clock Icon 4 min Read
CVE-2024-4879 & CVE-2024-5217 Exposed – The Risks of RCE in ServiceNow

Discover critical ServiceNow vulnerabilities CVE-2024-4879 & CVE-2024-5217, exposing systems to remote code execution. Learn about risks & mitigation measures.

Read More...
Android Penetration Testing checklist
Calender IconJuly 31, 2024
Author Icon
Clock Icon 9 min Read
Android App Penetration Testing Checklist with 154 Test cases [Free Excel File]

Check out the checklist of 154 test cases for comprehensive penetration testing of Android applications and verify that they don’t have any security loopholes.

Read More...
web browser attack
Calender IconJuly 31, 2024
Author Icon
Clock Icon 8 min Read
Web Browser-Based Attacks – Types, Examples, and Prevention

A web browser attack targets vulnerabilities in web browsers to compromise user data. These attacks often involve injecting malicious code into web pages.

Read More...
Managed WAF

Join 51000+ Security Leaders Get weekly tips on blocking ransomware, DDoS and bot attacks and Zero-day threats.

AppTrana

Fully Managed SaaS-Based Web Application Security Solution

Get free access to Integrated Application Scanner, Web Application Firewall, DDoS & Bot Mitigation, and CDN for 14 days

Get Started for Free Request a Demo

Gartner

Indusface is the only cloud WAAP (WAF) vendor with 100% customer recommendation for 4 consecutive years.

A Customers’ Choice for 2024, 2023 and 2022 - Gartner® Peer Insights™

The reviews and ratings are in!