Exploring the LogViewer in ServerDefender VP

Posted: November 15th, 2014

Security You Can See For the least few years, we have been developing ServerDefender VP, an advanced Web application firewall for IIS. One of the features that has been evolving along with ServerDefender VP is the LogViewer. This is the hub of the WAF where users can interact with and monitor malicious traffic hitting their site. Since there […]

Read More

2011 Web Security Statistics and How to Avoid Being a Victim in 2012

Posted: February 27th, 2012

  The More We Know, The Better We Can Prepare The landscape of web security is constantly changing with hacking attacks growing more prevalent and diverse.Our job is to constantly be evaluating that ever-changing landscape so we can stay one step ahead and be prepared in the event of an attack.Here are some resources from […]

Read More

Thoughts On Defensive Development for Sitecore

Posted: February 25th, 2012

Recently, Port80’s Joe Lima and Thomas Powell presented a talk on Web Application Security for Sitecore.  If you run Sitecore, you are a perfect candidate for ServerDefender VP! The presentation can be viewed on Slideshare below.  

Read More

Preparing for New PCI Standards

Posted: August 16th, 2010

According to CSP Daily News the PCI Security Standards Council has just introduced the plan for Version 2.0 of its PCI standards which are due to take effect in October of 2010. Version 2.0 of PCI DSS and PA-DSS do not introduce any new major requirements. Key updates, clarifications and guidance include:

Read More

The Windows Server 2008 Security Compliance Manager

Posted: July 2nd, 2010

A new helpful free tool from Microsoft, the Security Compliance Manager provides an end-to-end solution to help plan, deploy, and monitor the security baselines of computers running Windows Server 2008. The Security Compliance Manager provides centralized security baseline management features, a baseline portfolio, customization capabilities, and security baseline export flexibility to accelerate your organization’s ability […]

Read More

You Can’t Catch What You Can’t See

Posted: July 20th, 2009

The importance of Web application firewalls The front of your website can appear as calm as a lake surface, but underneath do you really know what kind of trouble is brewing? While your website is online it is being subjected to traffic; tons of traffic for some of you lucky ones, some legitimate, some suspect. […]

Read More

Have you been XSSed?

Posted: April 20th, 2009

In his recent article on XSS vulnerabilities, Brian Krebs of the Washington Post reports that last year thousands of Web sites were cited for harboring security flaws that could be used to attack others online. “At issue are sites that harbor so-called cross-site scripting (XSS) vulnerabilities, which occur when Web sites accept input from a […]

Read More

Report: Top 25 Most Dangerous Programming Errors

Posted: January 16th, 2009

The Information Security community has been buzzing this week with talk of the newly released CWE/SANS Top 25 Most Dangerous Programming Errors. The goal of the report is to identify not just security vulnerabilities (think OSASP Top Ten), but the programming errors that create those holes.

Read More