Intro Server-Side Request Forgery (SSRF) attacks allow an attacker to make requests to any domains through a vulnerab...

WordPress has many advantages and is not without reason the most popular way to build a website, with 60% of pages on...

Microsoft warned billions of Windows users of two critical 0-day vulnerabilities in all currently supported versions ...

The basics Why are WebSockets popular today? Because they greatly simplify the communication between a client and a s...

According to various research and studies, up to 50% of websites are vulnerable to DOM Based XSS vulnerabilities. Sec...

Learn what is the purpose of SOAP APIs, how they function, the main difference between REST and SOAP APIs, and what y...

In the first part of the LDAP Injections blog, we talked about the basics. The definition of LDAP Services, how they ...

The use of microservices results in many new, open and vulnerable connections. Microservices expose endpoints which a...

Do you know what “skimming” is? It’s a method that hackers use to gather sensitive information in online payment foru...

What is LDAP? Information technologies keep progressing at incredible speed. This entails an increase in the amount o...

There is a never-ending discussion about the terminology around Threat Modeling. In order to have control over data s...

The Basics of Static Application Security Testing (SAST) First, let’s cover some basics of what exactly is SAST? It’s...

Today we’ll discuss Operating System Command Injection vulnerabilities. How much of a threat are they? How can you pr...

What is Cross-Site Scripting (XSS)? Cross-site Scripting (XSS) represents a client-side code injection attack. By per...

Why is API Security important? Today we’ll be discussing the ever-rising importance of API security, but first, let’s...

What is Local File Inclusion (LFI)? Today we will be discussing Local File Inclusions, LFI for short. First things fi...

What is an Open Redirect Vulnerability? An Open Redirect Vulnerability entails an attacker manipulating the user and ...

The partnership will focus on Bind distributing NeuraLegion’s solutions and offering services associated with these s...

What is DAST and why is it necessary for your business? What is the best way to see if your security measures are goo...

Accelerated software development means less time spent on security Time to market is everything. In today’s industry,...

As we wrap up our posts for 2019 we thought we would recap the “joy” of some significant breaches that happened in th...

Developers and students have to be told to pay attention to security Recent studies show that developers do not activ...

XML external entity injection, also known as XXE attacks, is one of the most common security vulnerabilities in web a...

We exhibited at Black Hat Europe, one of the Industry’s flagship events, drawing more than 3,000 Cyber Security...

Blind SQL injections occur when a web application is exposed to SQL injection, but it’s HTTP responses don̵...

Cross-site Request Forgery (CSRF/XSRF), also known as Sea Surf or Session Riding is a web security vulnerability that...

Last week NeuraLegion was honored to be one of a select group of Cybersecurity companies invited to participate in a ...

Implementing a DevSecOps process was never easier! CircleCI, a leader in cloud-native Continuous Integration, accordi...

NeuraLegion is proud to announce and welcome Company’s new VP of R&D, Sijawusz Pur Rahnama. Sija has a wealth of ...

Dynamic application security testing – DAST is one of the oldest automated application security testing techniq...

The information age has advanced the way in which our society generates, stores and exchanges information. Hyperconne...

SQL injections represent a code injection technique used to attack applications and the data they hold. They usually ...

Why should security testing be implemented in the DevOps process? DevOps focuses on speedy completion of the developm...

In the era referred to as ‘Industry 4.0’ or ‘The Fourth Industrial Revolution,’ two of the pillars of the technology ...

DOM XSS stands for Document Object Model-based Cross-site Scripting. This kind of XSS attack occurs when an applicati...

Over the past few years, the development and deployment of microservices have become the leading method of applicatio...

In today’s world, due to the ever-growing and accelerating amount of the data that needs to be tested and it’s comple...

The Average Cost of a Data Breach For the 14th year, IBM and the Ponemon Institute have released their annual “Cost o...

A synopsis of our experience whilst exhibiting at the Innovation Zone at Cybertech Europe 2019 by our SVP Sales &...

It was great to be invited to be part of the inaugural Yalla DevOps event in association with JFrog, last week in Her...

As the cost of insecure applications grows more and more evident by the day, are we doing everything we can and shoul...

This article takes a look at the top 10 things a CTO needs to know about application security in order to motivate an...

Writing secure code is becoming a greater challenge every day. Even the largest multinational companies that attract ...

Cybertech is the most important conference and exhibition for cyber technologies outside of the United States, conduc...

We are happy to announce that our Co-Founder and CTO Bar Hofesh, will be presenting as part of the DevSecOps technica...

Fuzzing is the art of automatic bug detection,  used for assessing the security and stability of applications an...