CONTRIBUTOR LORI MAC VITTIE

blog /déc. 14, 2017

The Credential Crisis: It’s Really Happening

With billions of data records compromised, it’s time to reconsider whether passwords are our best means for authenticating users.

blog /nov. 21, 2017

If Your Security Question List Looks like a Facebook Favorite List, Start Over Now

Seriously, how many colors are there? And how many of us share the same love of one of those limited choices?

blog /oct. 24, 2017

Help Guide the Future of Apps – Ultimately your Threat Landscape – by Responding to our SOAD Survey!

Assessing the State of Application Delivery depends on getting information from you about your applications!

blog /oct. 17, 2017

New Threat May Slip through the KRACK in BYOD Policies

Combating this vulnerability might mean you have to force updates on employees’ personal devices or deny them access altogether.

blog /oct. 04, 2017

The Good News about Breaches

Security breaches in the news serve as a good reminder to check and make sure you have a solid application protection strategy in place, starting with never trusting user input.

blog /août 17, 2017

Cry “Havoc” and Let Loose the Thingbots of War!

Gray hats might have good intentions launching their “vigilante” botnets, but are they really helping us win the war against Death Star-sized thingbots?

blog /juin 06, 2017

Default Passwords Are Not the Biggest Part of the IoT Botnet Problem

Providers and manufacturers could go a long way toward reducing the very real threat of IoT.

blog /mai 18, 2017

Why Cloud Sprawl is a Security Risk

Cloud sprawl isn’t just a budget sinkhole; it’s quickly becoming a security blind spot and potential attack vector for data theft.

blog /avr. 25, 2017

Internet, We (Still) Have a Problem with Internationalized Domain Names

Even URLs that look legitimate can be fake, so train, train, train your users to verify links before they click.

blog /mars 09, 2017

Security’s “Rule Zero” Violated Again with Zero-Day Apache Struts 2 Exploit

If you’re running Apache Struts 2 and the vulnerable component, stop reading and update now.

blog /mars 03, 2017

Speed Over Security Still Prevalent in Spite of Substantial Risk for IoT Apps

Speed to market means IoT and mobile apps are being released with known vulnerabilities.

blog /févr. 24, 2017

Cloudbleed: What We Know and What You Should Do

Definitive steps individuals and organizations can take today to deal with the impact of Cloudbleed.

blog /févr. 02, 2017

Friendly Reminder: App Security in the Cloud is Your Responsibility

Nearly 200,000 servers are still vulnerable to Heartbleed—and the organizations who own them might surprise you.

article /janv. 19, 2017

The New Insider Threat: Automation Frameworks

One of the pillars of DevOps is - according to its founders - automation. Along with automation naturally comes orchestration, which as you might guess is automation but at a higher level of abstraction. Where automation focuses on using...

blog /nov. 14, 2016

Security’s Blind Spot: Application Layer Visibility

We’ve all seen after-the-fact security camera footage of a wide variety of crimes splashed across social media and news sites. This visibility is a critical component of any judicial system, as it helps identify who did what and provides crucial, objective evidence of what actually happened.

blog /oct. 04, 2016

Bug Bounty Programs Only Half the Battle

What's the other half? And why don't organizations just find and fix their own bugs?

blog /août 12, 2016

Is HEIST a Risk or a Threat?

HEIST is an example of how risk and threat are different, and why the distinction matters.

stay up to date

Get the latest application threat intelligence from F5 Labs.

There was an error signing up.
Thank you, your email address has been signed up.

Follow us on social media.