Subscribe to our Blog

Get the Latest Application Security News and Content

How-To

Your Website got Hacked? Here is what you should do!

Has your website been hacked? Don’t panic! We prepared a simple list of steps for you to follow to recover it. ...

22.09.2020

Vulnerabilities

HTTP Request Smuggling (HRS)

Most modern websites are forced to use a cluster of servers to deliver a better user experience. Website users can’t ...

31.08.2020

AppSec Testing

SAST vs DAST

In our last post we talked about SAST solutions and why they are not always the best solution for AST. In this ...

25.08.2020

News

NeuraLegion is now ISO 27701 Certified!

We at NeuraLegion are very proud to announce that we have been awarded the accredited certification on ISO 27701, the...

21.07.2020

Vulnerabilities

The Ultimate Beginners Guide to XSS

Intro Cross-site scripting (XSS) is an old but always relevant and dangerous type of attack that plagues almost all w...

15.07.2020

News

NeuraLegion announces strategic partnership with Webomates to Expand Quality Assurance into Security Assurance

Webomates, the leading global provider of Testing as a Service & NeuraLegion which provides a modern-day DAST sol...

16.06.2020

Vulnerabilities

SSRF - Server-Side Request Forgery

Intro Server-Side Request Forgery (SSRF) attacks allow an attacker to make requests to any domains through a vulnerab...

29.04.2020

AppSec Testing

Top 5 ways WordPress websites get hacked

WordPress has many advantages and is not without reason the most popular way to build a website, with 60% of pages on...

22.04.2020

News

Marriott experienced a data breach - Again!

The hotel giant Marriott confirmed a new data breach, this time involving the personal information of 5.2 million gue...

03.04.2020

News

Important Notice: Microsoft Reports Two Critical 0-day Vulnerabilities in all Supported Windows Versions - No Patch Available Yet

Microsoft warned billions of Windows users of two critical 0-day vulnerabilities in all currently supported versions ...

26.03.2020

AppSec Testing

WebSocket Security: Top 7 WebSocket Vulnerabilities

The basics Why are WebSockets popular today? Because they greatly simplify the communication between a client and a s...

23.03.2020

Vulnerabilities

How DOM XSS Attacks work

According to various research and studies, up to 50% of websites are vulnerable to DOM Based XSS vulnerabilities. Sec...

16.03.2020

News

My first-time RSA experience

Last week I attended my first RSA Conference in San Francisco representing NeuraLegion. I wanted to share my impressi...

04.03.2020

Vulnerabilities

API Security: Top 7 SOAP API vulnerabilities

Learn what is the purpose of SOAP APIs, how they function, the main difference between REST and SOAP APIs, and what y...

19.02.2020

Vulnerabilities

The most common LDAP Injections and how they work

In the first part of the LDAP Injections blog, we talked about the basics. The definition of LDAP Services, how they ...

18.02.2020

AppSec Testing

Best ways to test Microservices Security

The use of microservices results in many new, open and vulnerable connections. Microservices expose endpoints which a...

13.02.2020

AppSec Testing

The ever-present threat of Magecart attacks

Do you know what “skimming” is? It’s a method that hackers use to gather sensitive information in online payment foru...

12.02.2020

Vulnerabilities

Introduction to LDAP Injection

What is LDAP? Information technologies keep progressing at incredible speed. This entails an increase in the amount o...

11.02.2020

AppSec Testing

Vulnerabilities, Cyber Threats, Threat Actors and Risks

There is a never-ending discussion about the terminology around Threat Modeling. In order to have control over data s...

24.01.2020

AppSec Testing

Why are SAST solutions not always the best option for AST?

There are many methodologies you can use to detect application vulnerabilities. One of the most common methodologies ...

22.01.2020

Vulnerabilities

Operating System Command Injection vulnerabilities and the danger they present

Today we’ll discuss Operating System Command Injection vulnerabilities. How much of a threat are they? How can you pr...

20.01.2020

Vulnerabilities

Cross-Site Scripting: Everything you need to know about XSS Attacks

What is Cross-Site Scripting (XSS)? Cross-site Scripting (XSS) represents a client-side code injection attack. By per...

17.01.2020

AppSec Testing

API Security: The rising importance of API Security

Why is API Security important? Today we’ll be discussing the ever-rising importance of API security, but first, let’s...

16.01.2020

Vulnerabilities

Local File Inclusion (LFI) - What is LFI and how to deal with it

What is Local File Inclusion (LFI)? Today we will be discussing Local File Inclusions, LFI for short. First things fi...

15.01.2020

Vulnerabilities

Open Redirect Vulnerabilities: Discovering and remediating Open Redirect Vulnerabilities

What is an Open Redirect Vulnerability? An Open Redirect Vulnerability entails an attacker manipulating the user and ...

14.01.2020

News

NeuraLegion & Bind announce strategic partnership to deliver Application Security Testing Solutions

The partnership will focus on Bind distributing NeuraLegion’s solutions and offering services associated with these s...

14.01.2020

AppSec Testing

Dynamic Application Security Testing (DAST)

What is Dynamic Application Security Testing (DAST)? Dynamic Application Security Testing (DAST) is an Application Se...

09.01.2020

AppSec Testing

Software vulnerability risks in the DevOps era

Accelerated software development means less time spent on security Time to market is everything. In today’s industry,...

07.01.2020

AppSec Testing

Data Breaches Due to Exposed Databases

As we wrap up our posts for 2019 we thought we would recap the “joy” of some significant breaches that happened in th...

30.12.2019

AppSec Testing

Shifting Left - The importance of implementing application Security Throughout the SDLC

Developers and students have to be told to pay attention to security Recent studies show that developers do not activ...

27.12.2019

Vulnerabilities

What is an XML External Entity (XXE) Injection?

XML external entity injection, also known as XXE attacks, is one of the most common security vulnerabilities in web a...

16.12.2019

News

What we learned from a very successful Black Hat Europe Conference

We exhibited at Black Hat Europe, one of the Industry’s flagship events, drawing more than 3,000 Cyber Security...

13.12.2019

Vulnerabilities

The Basics and Prevention of Blind SQL Injections

Blind SQL injections occur when a web application is exposed to SQL injection, but its HTTP responses don’...

11.12.2019

Vulnerabilities

What is a Cross-Site Request Forgery (CSRF) Attack & How It can be prevented

Cross-site Request Forgery (CSRF/XSRF), also known as Sea Surf or Session Riding is a web security vulnerability that...

09.12.2019

News

NeuraLegion at East Coast CyberSecurity Delegation

Last week NeuraLegion was honored to be one of a select group of Cybersecurity companies invited to participate in a ...

02.12.2019

News

CircleCI and NeuraLegion team up to provide a superior DevSecOps process

Implementing a DevSecOps process was never easier! CircleCI, a leader in cloud-native Continuous Integration, accordi...

20.11.2019

News

NeuraLegion Welcomes new VP of R&D, Sijawusz Pur Rahnama

NeuraLegion is proud to announce and welcome the Company’s new VP of R&D, Sijawusz Pur Rahnama. Sija has a wealth of ...

14.11.2019

AppSec Testing

Resurgence of DAST for SDLC Integration and Scan Automation

Dynamic application security testing – DAST is one of the oldest automated application security testing techniq...

11.11.2019

How-To

Discover and Remediate OWASP Top 10 Vulnerabilities using AIAST®

The information age has advanced the way in which our society generates, stores and exchanges information. Hyperconne...

08.11.2019

Vulnerabilities

What are SQL Injections and How can they be prevented

SQL injections represent a code injection technique used to attack applications and the data they hold. They usually ...

01.11.2019

How-To

Integrating NexPloit scanning into Azure DevOps

Why should security testing be implemented in the DevOps process? DevOps focuses on speedy completion of the developm...

30.10.2019

AppSec Testing

Cybersecurity In the Era of Industry 4.0

In the era referred to as ‘Industry 4.0’ or ‘The Fourth Industrial Revolution,’ two of the pillars of the technology ...

28.10.2019

Vulnerabilities

DOM XSS: What Is DOM-based Cross-Site Scripting And How can you Prevent it?

DOM XSS stands for Document Object Model-based Cross-site Scripting. This kind of XSS attack occurs when an applicati...

23.10.2019

AppSec Testing

The Top 5 Challenges of Microservices Security

Over the past few years, the development and deployment of microservices have become the leading method of applicatio...

16.10.2019

AppSec Testing

The History and Future of Artificial Intelligence in Application Security

In today’s world, due to the ever-growing and accelerating amount of the data that needs to be tested and its comple...

14.10.2019

AppSec Testing

The Cost of a Data Breach and Latest Statistics

The Average Cost of a Data Breach For the 14th year, IBM and the Ponemon Institute have released their annual “Cost o...

09.10.2019

AppSec Testing

Security Awareness Training - How to Embrace Security Awareness Inside Your Company

As the cost of insecure applications grows more and more evident by the day, are we doing everything we can and shoul...

19.09.2019

AppSec Testing

10 Most Important Things a CTO Needs To Know About Application Security

This article takes a look at the top 10 things a CTO needs to know about application security in order to motivate an...

11.09.2019

AppSec Testing

DevSecOps - Make smarter decisions about your application’s security

Writing secure code is becoming a greater challenge every day. Even the largest multinational companies that attract ...

30.08.2019

News

Meet Us at Cybertech Europe 2019..!

Cybertech is the most important conference and exhibition for cyber technologies outside of the United States, conduc...

29.08.2019

AppSec Testing

The Art of Fuzzing

There are several methodologies you can use to find vulnerabilities in your applications, each method coming with its...

19.07.2019