Compartir
))
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Stopping Business Logic Attacks: Why a WAF is no Longer Enough - Karl Triebes - ASW #255
Manage episode 377415255 series 105700
Contenido proporcionado por Security Weekly. Todo el contenido del podcast, incluidos episodios, gráficos y descripciones de podcast, lo carga y proporciona directamente Security Weekly o su socio de plataforma de podcast. Si cree que alguien está utilizando su trabajo protegido por derechos de autor sin su permiso, puede seguir el proceso descrito aquí https://es.player.fm/legal.
The majority of attacks are now automated, with a growing number of attacks targeting business logic via APIs, which is unique to every organization. This shift makes traditional signature-based defenses insufficient to stop targeted business logic attacks on their own. In this discussion, Karl Triebes shares how flaws in business logic design can leave applications and APIs open to attack and what tools organizations need to effectively mitigate these threats.
This segment is sponsored by Imperva. Visit https://securityweekly.com/imperva to learn more about them!
In the news segment, a slew of XSS in Azure's HDInsights, CNCF releases fuzzing and security audits on Kyverno and Dragonfly2, CISA shares a roadmap for security open source software, race conditions and repojacking in GitHub, and more!
Visit https://securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/secweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/asw-255
2650 episodios
