San Francisco: +1 (415) 635 3784  |  Geneva: +41 (22) 723 2424   |  
ImmuniWeb®: Login | Register
ImmuniWeb® by High-Tech Bridge

Stay in touch

Enter your email and get the latest news and researches on cybersecurity, receive invitations to private security events and conferences.

High-Tech Bridge Security Blog

Bypassing Bitrix WAF via tiny regexp error February 3, 2016 | High-Tech Bridge Security Research

Bitrix24 is one of the first and most secure cross-platform corporate software with integrated WAF and RASP. Let's see how we can bypass them.


Facebook scandal or can bug bounties replace traditional web security? January 11, 2016 | Ilia Kolochenko for CSO

Can crowd-sourcing approach to web security testing work for your corporate applications?


A Brief History of Spear Phishing January 6, 2016 | Daniel Brecht (via InfoSec Institute)

Learn the best practices for developing a security awareness training program that is engaging. Engaging awareness programs have been shown to change more users’ behavior and are seen as an asset for your organization instead of annoyance.


How to calculate ROI and justify your cybersecurity budget December 16, 2015 | Ilia Kolochenko for CSO

If you speak with management about money – speak their language and you will definitely get what you need.


Five reasons why hackers easily get into corporate websites December 15, 2015 | Ilia Kolochenko for CSO

Vulnerable web application is just one of the great gifts left for hackers, as it significantly reduces their time, cost and efforts to get into corporate network. Why companies fail to secure their web apps?


Can you trust SSL encryption of your email provider? December 1, 2015 | High-Tech Bridge Security Research

Have you ever though how secure and reliable is your SSL/TLS connection to your email servers? A brief research about encryption implementation of the most popular free email providers.


Spending millions on APT defense? Don’t forget about Third Party Risk Management November 9, 2015 | Ilia Kolochenko for CSO

Being a large company, you have a risk when hiring a third-party consultant - you condemn them to be hacked instead of you.


Can we trust our HTTPS connections to the largest global companies? October 28, 2015 | High-Tech Bridge Security Research

How efficiently do the Global 2000 companies protect our data between their web servers and our computers or mobiles?


DDoS attacks: a perfect smoke screen for APTs and silent data breaches October 12, 2015 | Ilia Kolochenko for CSO

Growing DDoS attacks more and more frequently try to distract incident response teams in order to hide much bigger security incidents.


How to secure the Internet of Things and who should be liable for it? October 6, 2015 | Ilia Kolochenko for CSO

How to secure connected devices before it will be too late?