News
Marriott experienced a data breach – Again!
The hotel giant Marriott confirmed a new data breach, this time involving the personal information of 5.2 million guests. According to an online notice that
April 3, 2020
AppSec Blog
News
Important Notice: Microsoft Reports Two Critical 0-day Vulnerabilities in all Supported Windows Versions – No Patch Available Yet
Microsoft warned billions of Windows users of two critical 0-day vulnerabilities in all currently supported versions of Microsoft Windows, both server and desktop. These vulnerabilities
March 26, 2020
AppSec Testing
WebSocket Security: Top 7 WebSocket Vulnerabilities
The basics Why are WebSockets popular today? Because they greatly simplify the communication between a client and a server. Sockets, in general, have been used
March 23, 2020
Vulnerabilities
How DOM XSS Attacks work
According to various research and studies, up to 50% of websites are vulnerable to DOM Based XSS vulnerabilities. Security researchers detected DOM XSS issues even
March 16, 2020
News
My first-time RSA experience
Last week I attended my first RSA Conference in San Francisco representing NeuraLegion. I wanted to share my impressions and thoughts as a first-timer at
March 4, 2020
Vulnerabilities
The most common LDAP Injections and how they work
In the first part of the LDAP Injections blog, we talked about the basics. The definition of LDAP Services, how they get exploited, and what
February 18, 2020
AppSec Testing
Best ways to test Microservices Security
The use of microservices results in many new, open and vulnerable connections. Microservices expose endpoints which are usually referred to as APIs to the public.
February 13, 2020
AppSec Testing
The ever-present threat of Magecart attacks
Do you know what “skimming” is? It’s a method that hackers use to gather sensitive information in online payment forums. Credit card numbers, email addresses,
February 12, 2020
AppSec Testing
Vulnerabilities, Cyber Threats, Threat Actors and Risks
There is a never-ending discussion about the terminology around Threat Modeling. In order to have control over data security issues that could potentially impact your
January 24, 2020
AppSec Testing
Why are SAST solutions not always the best option for AST?
There are many methodologies you can use to detect application vulnerabilities. One of the most common methodologies is Static Application (or Analysis) Security Testing. Before
January 22, 2020
Vulnerabilities
Command Injection Vulnerabilities and the Danger They Present
Today we’ll discuss Operating System Command Injection vulnerabilities. How much of a threat are they? How can you prevent these vulnerabilities? How NexDAST helps to
January 20, 2020
AppSec Testing
The rising importance of API Security
Why is API Security important? Today we’ll be discussing the ever-rising importance of API security, but first, let’s start with the basics. What is an
January 16, 2020
Vulnerabilities
Discovering and remediating an Open Redirect Vulnerability
What is an Open Redirect Vulnerability? An Open Redirect Vulnerability entails an attacker manipulating the user and redirecting them from one site to another (one
January 14, 2020
News
NeuraLegion & Bind announce strategic partnership to deliver Application Security Testing Solutions
The partnership will focus on Bind distributing NeuraLegion’s solutions and offering services associated with these solutions. Tel Aviv, Israel: NeuraLegion today announced a new partnership
January 14, 2020
AppSec Testing
Dynamic Application Security Testing (DAST)
What is Dynamic Application Security Testing (DAST)? Dynamic Application Security Testing (DAST) is an Application Security Testing methodology in which the application is tested in
January 9, 2020
© 2021 NeuraLegion Ltd. All Rights Reserved