What is cloud native security?

Modern application development techniques are constantly innovating, which is a good thing for streamlining and making things easier for businesses working digitally. However, it also creates new challenges for security teams to keep up with. Cloud-native technologies have expedited the production process, but traditional security models are not equipped to handle the complexities of these […]

Why is cloud penetration testing important?

Today, more businesses than ever use external computing infrastructure like cloud services to support their operations. It allows businesses to save money and scale operations without investing in physical infrastructure. While this is useful, it also creates another avenue for malicious parties to exploit. As such, in cyber security it’s important that organisations have […]

A guide to ISO 27001 for businesses

Today, businesses of all sizes deal with vast amounts of important information. This can be relating to the business’s internal functions, its customers, or the industry overall. Unless managed accordingly, large volumes of information can pose a security challenge for business owners. ISO 27001 serves as a framework for businesses on how to securely process […]

How to get Cyber Essentials Certification

Last year the UK government revealed a planned £2.6 billion investment as part of their 2022-2030 cyber security strategy. However, the government’s Cyber Essentials Certification shows they’ve been paying attention to cyber security for the last decade. This scheme is designed to grant businesses a base level of protection that will shield them from 80% […]

The importance of cyber security awareness training in 2023

Cyber security threats continue to evolve, and as technology becomes more advanced, so too do hackers and the methods they use to attack businesses. With that in mind, we’ll be exploring the importance of cyber security awareness training in 2023. We will also cover some important points for consideration to ensure that the training it […]

What is Governance, Risk, and Compliance?

Businesses operating online today have a lot to juggle with constantly changing rules and regulations, as well as managing their cybersecurity risk profile. Historically, organisations followed mandated government regulations, complied with industry rules, and accounted for risk separately. However, they can now all be brought under one model known as GRC (Governance, Risk and Compliance). […]

AppCheck Security Blog – When Encryption Goes bad

Customers new to the AppCheck platform can often be surprised at the number of vulnerabilities that AppCheck highlights relating to transport encryption offered on their services – unencrypted (plaintext) services, web applications with vulnerable cipher suites, encryption libraries containing exploitable flaws, registration forms that email users passwords in clear text. The list of checks that AppCheck performs […]

AppCheck vs OWASP Top 10 Vulnerabilities

What is the OWASP top 10? How does AppCheck stack up against the top 10? OWASP (Open Web Application Security Project) is an organisation that provides unbiased information and advice around computer and internet applications. The OWASP community regularly come together to review what it believes to be the ten most critical security risks to […]

HTTP Verbs and Their Security Risks

In this article we’ll look into what HTTP “verbs” or methods are, how each varies and works, and what the potential security risks are that should be considered with each. We’ll also see how vulnerability scanners such as AppCheck can automatically check for many of the potential vulnerabilities […]
