San Francisco: +1 (415) 635 3784  |  Geneva: +41 (22) 723 2424   |  
ImmuniWeb®: Login | Register
ImmuniWeb® by High-Tech Bridge

Stay in touch

Enter your email and get the latest news and researches on cybersecurity, receive invitations to private security events and conferences.

High-Tech Bridge Security Blog

What’s new in CVSSv3 vulnerability scoring system? September 21, 2015 | High-Tech Bridge Security Research

In June 2015 The Forum of Incident Response and Security Teams (FIRST) has announced the availability of version 3 of the Common Vulnerability Scoring System (CVSS). Let's see the changes it brings in comparison to CVSSv2.

Blind Cross-Site Scripting (XSS) attacks in the wild September 15, 2015 | High-Tech Bridge Security Research

One of the recent web application security researches by Gartner mentioned a blind XSS vulnerability, highlighting the importance of web security software to detect such security flaws. Many of us have heard about blind SQL injections, but what is a blind XSS?

Continuous monitoring and web security: Are you competitive with Black Hats? August 28, 2015 | Ilia Kolochenko for CSO

Nowadays security companies have to compete not only with other vendors, but also with sophisticated cyber gangs. If you will fail to detect and patch security vulnerabilities in a timely manner – Black Hats will do it for you, but for their own ends.

Web Application Security Testing: SAST, DAST or IAST? August 10, 2015 | High-Tech Bridge Security Research

In this short blog post we will try to understand in quick and simple manner the difference between SAST and DAST testing methodologies, their advantages and disadvantages, as well as utility to combine them from the business point of view.

Modern APTs start at your corporate website August 4, 2015 | Ilia Kolochenko for CSO

There hasn’t been a day in recent months when the term “Advanced Persistence Threat” wasn’t making headlines in the media. According to ISACA APT Awareness Study, 93.6 per cent of respondents consider APTs to be a “very serious threat” for their companies.

Cybersecurity and geopolitics are intertwined July 29, 2015 | Ilia Kolochenko for CSO

What is the relation between growing security spending, increasing hacking attacks and falling economy?

How to manage PCI DSS 3.1 Requirement 6.6 for your web applications July 24, 2015 | High-Tech Bridge Security Research

One of the PCI DSS 3.1 requirements is Requirement 6.6 dedicated to web application security. In this blog post we will try to understand how to comply with the requirement in cost-efficient manner.

Think your website isn’t worth anything to hackers? Think again July 22, 2015 | Ilia Kolochenko for CSO

Have you ever thought about the cost of your website compromise?

Practical step-by-step guidance after your company has been hacked July 1, 2015 | Ilia Kolochenko

Everybody tends to think that hackers will never ever target them or their company/organisation until a breach occurs. We have already published several practical examples explaining why hackers target you and your data. Here, I will try to concentrate on post-incident actions and provide some brief advice on what to do after you have been hacked.

The most common information security mistakes of e-commerces June 22, 2015 | Ilia Kolochenko

Almost every month a new incident involving a big retailer, e-commerce or web platform makes the news headlines. Most retail fraud is now committed online, and in 2014 alone hackers managed to steal more than 61 million records from retailers. We will try to analyze the most common managerial and operational mistakes retail organizations make when defending against hackers.