Blog

Resurgence of DAST for SDLC Integration...

Dynamic application security testing – DAST is one of the oldest automated application security testing techniques, it has been around since the mid-1990s. DAST solutions interact with live web applications and web services, acting like a hacker-in-a-box. It has always been popular with penetration testers and security auditors looking to save valuable time. DAST is […]

Discover and Remediate OWASP Top 10...

The information age has advanced the way in which our society generates, stores and exchanges information. Hyperconnectivity, availability and business networking are great benefits of this era. However, we are facing significant new challenges in the realm of cybersecurity and information security, dictating the need for new solutions and a fresh approach to keep up […]

Introduction to Mobile Application Security Testing

If you’re suspecting whether or not your mobile app is secured and safe to use, it may be time to consider a security assessment. Average U.S consumer spends about 3 hours a day on digital media using mobile apps and web usage via smartphone. Since mobile apps are collecting user data from personally identifiable information […]

What are SQL Injections and How...

SQL injections represent a code injection technique used to attack applications and the data they hold. They usually occur when user input is required, for example, username, but the user gives an SQL statement instead. SQL injections exploit vulnerabilities in the application layer. One example is when a user’s input is either incorrectly filtered, or […]

Integrating NexPloit scanning into Azure DevOps

Why should security testing be implemented in the DevOps process? DevOps focuses on speedy completion of the development processes for faster delivery of products and services at a higher quality. Not considering security in the development process can leave your application vulnerable to attacks. This is no different than releasing buddy software. For example, stored […]

Cybersecurity In the Era of Industry...

In the era referred to as ‘Industry 4.0’ or ‘The Fourth Industrial Revolution,’ two of the pillars of the technology field;  automation and data transfer are closely coupled with concerns regarding cybersecurity. As organizations own, or use more and more information and assets which become additional nodes in the network, the attack surface area increases […]

What are APIs and How can...

What is an API? An API (Application Programming Interface) allows developers to create applications that access the features or data of an operating system, application, or service utilizing a set of functions and procedures. An API can be looked at as a “contract” between a client and a server. If the client sends a request […]

DOM XSS: What Is DOM-based Cross-Site...

DOM XSS stands for Document Object Model-based Cross-site Scripting. This kind of XSS attack occurs when an application receives some client-side JavaScript that processes data from an unsafe, or untrusted source by writing the data to a potentially dangerous sink within the DOM instead of writing data in HTML which would present a regular XSS. […]

The Top 5 Challenges of Microservices...

Over the past few years, development and deployment of microservices have become the leading method of application development. Unfortunately, security testing has not evolved quickly enough to address the risks introduced by this mass adoption of microservices.   The common practice is to test for vulnerabilities in each microservice, the reason is that every instance of […]

The History and Future of Artificial...

In today’s world, due to the ever-growing and accelerating amount of the data that needs to be tested and it’s complexity, it’s impossible to keep up using simple automation, which relies on manually coded, heuristic-based solutions. AI is emerging as an important new step in the evolution of automation, being able to take on challenges […]

The Cost of a Data Breach...

The Average Cost of a Data Breach For the 14th year, IBM and the Ponemon Institute have released their annual “Cost of a Data Breach” report, aggregating the costs reported by 507 organizations, from 17 industries, and 16 regions. IBM and Ponemon interviewed 3,211 individuals and collected data points regarding the number of client records […]

What We Learned At CyberTech Europe

A synopsis of our experience whilst exhibiting at the Innovation Zone at Cybertech Europe 2019 by our SVP Sales & Partnerships, Oliver Moradov. CyberTech has historically been a great event for us, winning the CyberTech TLV 2019 competition as the most innovative and disruptive solution in Cyber – and the event in Rome was as […]

Recap - NeuraLegion's CTO speaking at...

It was great to be invited to be part of the inaugural Yalla DevOps event in association with JFrog, last week in Herzliya, Israel. The event was attended by business leaders and DevOps gurus from industry leading companies such as Microsoft, IBM, HP, Synk and SAP, sharing their best practices for software delivery success. Although […]

Security Awareness Training - How to...

As the cost of insecure applications grows more and more evident by the day, are we doing everything we can and should, to mitigate the risk? Implementing an information security awareness policy will enable you to impose security responsibilities as part of your corporation’s security protocols and practices. What is Security Awareness? Workplace Security Awareness […]

10 Most Important Things a CTO...

This article takes a look at the top 10 things a CTO needs to know about application security in order to motivate and grow the maturity of the development environment towards a strong application security posture. Business models are evolving to tackle the ever-growing challenges of cybersecurity risk and the numerous threats and attack vectors […]

Introducing our NEW Website and NEW...

Our NEW Website; our NEW AIAST Product range – your automated AppSec testing platform has got even better..! With a fresh new user experience, our new website mimics our expanding role as the most innovative and disruptive Application Security Testing platform on the market, powered by AI..! With advanced features like streamlined navigation and intuitive […]

DevSecOps - Make smarter decisions about...

Writing secure code is becoming a greater challenge every day. Even the largest multinational companies that attract the best developers from all around the world, face the same problem. They are suffering vulnerabilities in their code, from SQL Injection, Cross-Site Scripting, to backdoors. Security is a broad field and one that is difficult to keep […]

Meet Us at Cybertech Europe 2019..!

Cybertech is the most important conference and exhibition for cyber technologies outside of the United States, conducting industry-related events all around the globe We will be exhibiting at CyberTech Europe 2019 from 24-25 September in Rome, Italy. We look forward to meeting with our current Italian partners and clients and engaging with new ones, strengthening […]

NeuraLegion’s CTO speaking at Yalla DevOps

We are happy to announce that our Co-Founder and CTO Bar Hofesh, will be presenting as part of the DevSecOps technical track at the Yalla DevOps event, in association with JFrog, on the 24th September 2019 in Herzliya, Israel.This is the first event of its kind and we look forward to being a part of […]

What Is a Fuzzer and What...

Fuzzing is the art of automatic bug detection,  used for assessing the security and stability of applications and software. A Fuzzer sends invalid, unexpected, random data to the targeted application’s input points in order to stress the application to cause unexpected behavior, resource leaks, or even a crash. Why Should you Fuzz Your Applications? The […]