Recognizing the importance of applications to meet global growth initiatives, retail organizations face challenges in balancing security with application delivery timelines. Retail and eCommerce organizations manage large volumes of sensitive data, including personal data and credit card information. This data is being increasingly targeted by hackers and the volume of unfiltered vulnerability data has become […] The post Retail Organizations’ Answer to Application Security | AppSec Solutions for Industries appeared first on NTT Application Security ..read more

RSA Conference 2022 is coming up quickly and our team is excited to return and share what NTT Application Security (NTTAS) has been up to since the last in-person RSA back in 2020. The last two years have yielded a lot of change, both for the AppSec industry and for NTTAS. Traditional appsec programs were […] The post Transform Your AppSec Program at RSA 2022 appeared first on NTT Application Security ..read more

Accountants aren’t the only ones putting in overtime during tax season. It’s also the busiest time of the year for cybercriminals and scam artists. And, for good reason: almost every single American file income tax each year, making for a massive pool of potential targets. Even for cyber-savvy taxpayers, it’s important to remember to stay […] The post 4 Cybersecurity Tax Tips for Last-Minute Filers appeared first on NTT Application Security ..read more

Developer Spotlight: Protecting Your Site from Server Side Request Forgery (SSRF) The security landscape is always changing. As software developers, the challenges of learning the myriad of ways in which someone could attack our sites seems a daunting task. That’s why with the help of security scanning tools, we can check our code isn’t vulnerable […] The post How We Developed SSRF Detection to Help Protect Your Site appeared first on NTT Application Security ..read more

“Since March began thirty days and two,”[1] hackers’ distinctive humorous style has continually regaled. Whether you’re a fan of obscure literary references or just like a good pop culture pun, one thing is for sure, hackers seem to love witty wordplay! While the attacks themselves can spell disaster, we can all appreciate the attempt at […] The post Hackers Never Let April Fools’ Day Go to Waste appeared first on NTT Application Security ..read more

This week a new zero-day Remote Code Execution (RCE) vulnerability was discovered in the Spring Core framework. Named “Spring4Shell,” this exploitable vulnerability has been assigned a dedicated CVE-2022-22965. What We Know While this vulnerability could allow an attacker to remotely execute malicious code on a computing device, this flaw seems to only be exploitable in […] The post Critical Alert: Spring4Shell RCE Vulnerability (CVE-2022-22965) appeared first on NTT Application Security ..read more

Two weeks ago, the world watched in horror as Russia launched an unprovoked attack on Ukraine, a democratically elected, sovereign nation. We continue to watch with admiration as a nation’s civilian population have taken up arms to fight for their homeland. Both domestically and internationally, the response has been galvanizing. Governments have both condemned Russia’s […] The post Protecting from the Ongoing Threat of Russian Cyberattacks appeared first on NTT Application Security ..read more

As Log4j and other zero-day vulnerabilities increasingly disrupt digital business operations around the world, enterprises’ public-facing web applications and APIs face a growing risk of suffering a security breach. And while there is no fail-safe way to do security testing in pre-production that catches all risk—with environmental and system factors taken into account—having the ability […] The post Introducing Vantage Detect: Enterprises’ Last Line of Defense Against Breaches appeared first on NTT Application Security ..read more

The onset of the pandemic caused a high unemployment rate, resulting in layoffs that impacted various roles across industries. With vaccination rollouts underway and many businesses reopening as they look towards returning to “normal,” the number of job listings emerging from the pandemic is rising at a steady cadence as reflected in the 742,000 new […] The post It’s Time To Search For New Talent, But Not Without Due Diligence appeared first on NTT Application Security ..read more

We understand that Heartbleed can lead to heartbreak and potential reputational damage. And a good application security solution should be a long-term relationship not a short-term hookup. So, in the spirit of Valentine’s Day, NTT Application Security has some friendly ‘dating’ advice for DevSecOps engineers. If you see these vulnerability profiles in the wild, take […] The post Roses are #ff0000, violets are #0000ff — don’t let these vulnerability profiles get the best of you! appeared first on NTT Application Security ..read more