How to prevent SQL injection

Despite being one of the oldest known web application attacks, SQL injections continue to feature in data breach headlines, from MOVEit Transfer to Zendesk and beyond. This article discusses ways of preventing SQL injection vulnerabilities to make sure incoming attack payloads can’t get a foothold in your systems.

VIDEO: What is Netsparker? An Interview with Ferruh Mavituna

In this video interview, Netsparker CEO and founder Ferruh Mavituna explains what is Netsparker and also talks about the technology that makes the Netsparker web vulnerability scanning technology dead-accurate.

SQL injection cheat sheet

The Importance of Finding All Vulnerabilities on Your Web Applications

Although compliance is mandatory, a secure web application is more important. This article explains why website owners should focus on finding and fixing all possible vulnerabilities on their web applications, even if it means doing much more than PCI DSS compliance require.

Security Weekly and Ferruh Mavituna Talk Automation and Scaling Up Web Application Security

During episode #442 of Security Weekly, Ferruh Mavituna, Paul Asadoorian, Jeffrey Man and several other web security professionals talk about the challenges of automating web application security and how companies can scale up automated web application security scanning and scan 100s and 1000s of web applications with the least possible resources.

Understanding the Differences Between Technical and Logical Web Application Vulnerabilities

Web application vulnerabilities can be split within two categories; logical and technical vulnerabilities. This post explains the main differences between these two different vulnerability categories.

An Introduction to the Digital Black Market, or as also known, the Dark Web

Have you ever wondered about what happens in the digital black market, or as better known the dark web? Do you know how easy it is for someone who does not have any security experience to buy a tool that can find vulnerabilities in websites and exploit them automatically? Read this article for more detailed information of how the dark web evolved and about the things you and anyone else can do with just a little bit of money.

An Easy to Use Web Application Security Scanner Means More Secure Web Applications

Most security software is very difficult to use hence businesses and organizations are failing to ensure the security of their IT assets. See how Netsparker is helping businesses ensure the long term security of their websites and web applications by developing an easy to use web application security scanner that also allows more automation.

Using Invicti To Comply With The OWASP Application Security Verification Standard When Developing Web Applications

The OWASP Application Security Verification Standard is a set of standards developed by OWASP to help developers write more secure code and web applications. This article explains how an automated web application security scanner such as Netsparker can help you comply with OWASP ASVS and develop more secure web applications.

Security Weekly Interviews Ferruh Mavituna about Web Application Security

In this interview with Security Weekly, Ferruh talks about web application security and explains how he got started, why Netsparker Enterprise is the ideal tool for large organizations who would like to ensure the security of all their web applications, explains how the false positive free vulnerability scanning technology works and much more.

Netsparker Enterprise or Netsparker Desktop?

Should you use the desktop edition of Netsparker or go for Netsparker Enterprise, the new online web application security scanner? This article talks about the scope of both products and explains in detail what they are to help you better understand both products and choose the best solution.

What Can You Learn from 87 Advisories About Web Application Vulnerabilities?

This article looks into the details of all the 87 advisories Netsparker published about SQL Injection, XSS and other vulnerabilities Netsparker Web Application Security Scanner identified in several open source web applications. It uses statistics to highlight the state of security of both open source and non open source web applications.

Passwords vs. Pass Phrases – Innovation and Evolution

This third and last password paper looks into new innovations and evolution of passwords and authentication mechanisms. It looks into what other options there are available should we opt for something more secure than passwords and pass phrases.