Browse communities
Browse communities
Presenting a webinar?

Web Application Attack Trends

Ryan C. Barnett
Profit and ideology are the two biggest motivations driving cyber attacks against Web applications – with all business types and governments as potential targets. The best way to combat attacks of this nature through awareness and analysis of Web application security threats.

During this webinar, Ryan C. Barnett, senior security researcher for Trustwave SpiderLabs and leader of the Web Application Security Consortium's (WASC) Web Hacking Incidents Database (WHID), will:

•Review current attack trends and stats
•Highlight analysis from the WHID and honeypot data
•Identify top Web application security practices

This event is ideal for businesses that have Web applications and need to protect the data flowing through those applications.
Apr 26 2012
63 mins
Web Application Attack Trends
More from this community:

Big Data and Data Management

  • Live and recorded (816)
  • Upcoming (37)
  • Date
  • Rating
  • Views
  • Join us on Thursday, April 16, 2015 at 11:00 AM PST/2:00 PM EST for this follow-up webinar to the Introduction to Apache Ignite(TM) (incubating) webinar, in which GridGain co-founder and EVP of Engineering and Ignite PMC Chair, Dmitriy Setrakyan will take a deep dive into several coding examples.
  • Ingesting raw data into Hadoop is easy, but extracting business value leveraging exploration tools is not. Hadoop is a file system without a data model, data quality, or data governance, making it difficult to find, understand and govern data.

    In this webinar, Tony Baer, Principal Analyst of Ovum Research, will address the gaps and offer best practices in the end-to-end process of discovering, wrangling, and governing data in a data lake. Tony Baer will be followed by Oliver Claude who will explain how Waterline Data Inventory automates the discovery of technical, business, and compliance metadata, and provides a solution to find, understand, and govern data.

    Attend this webinar if you are:
    --A big data architect who wants to inventory all data assets at the field level automatically while providing secure self-service to business users
    --A data engineer or data scientist who wants to accelerate data prep by finding and understanding the best suited and most trusted data
    --A Chief Data Officer or data steward who wants to be able to audit data lineage, protect sensitive data, and identify compliance issues
  • Targeted malware, zero-day vulnerabilities and advanced persistent threats are increasingly responsible for data breaches. Why? Because they work. Most security products have a hard time protecting from advanced malware. This problem is compounded because attackers can easily mass produce new malware variants. What’s an IT person to do?

    Join us to learn key techniques to stop modern malware the first time. We will discuss:
    •What tactics work
    •Where to apply them
    •How to optimize cost, staffing and security.
  • Immer mehr Unternehmen evaluieren Amazon Web Services als Zielplattform für die Umsetzung von neuen Projekten. Dabei kann auf eine umfangreiche Auswahl von Services, die vom Virtualisierungsservice (EC2) über relationale Datenbanken (RDS) bis hin zur Echtzeitverarbeitung von Streaming Big Data (Kinesis) reichen, zurückgegriffen werden. Unabhängig von der Serviceauswahl, stellt sich in jedem Projekt die Frage nach der Integration mit bereits existierenden und zukünftig in Frage kommenden Systemen.

    Informatica Cloud bietet Unternehmen eine Integrationsplattform, die speziell für die Anforderungen von Cloud Applikationen entwickelt wurde. Mit Hilfe von verfügbaren Konnektoren zu internen und Cloud-basierten Anwendungen, Datenbanken, Flat Files und sozialen Netzwerken, lassen sich auch hybride Integrationsszenarien problemlos abbilden. Dabei bieten Schritt-für-Schritt Assistenten eine Anleitung für gängige Anwendungsfälle der Cloud-Integration und ermöglichen es so auch unerfahrenen Anwendern schnell erste Integrationsprozesse zu implementieren.

    Mit Informatica Cloud für Amazon Web Services können Unternehmen mit Hilfe von verfügbaren Konnektoren, Daten von und nach Amazon S3, Amazon RDS, Amazon DynamoDB und Amazon Redshift synchronisieren. Insbesondere der Redshift-Konnektor vereinfacht und automatisiert den komplexen Ladeprozess und stellt sicher, dass der von Amazon empfohlene hochparallele Lademechanismus genutzt wird.

    Nehmen Sie an diesem Webinar teil um zu erfahren wie die Informatica Cloud Plattform Unternehmen hilft, Amazon Web Services effizienter und komfortabler zu nutzen. Anhand einer Demo sehen Sie wie ein exemplarischer End-to-End Prozess von der initialen Beladung einer Redshift-Datenbank bis zur Auswertung der Daten mit Tableau, realisiert werden kann.
  • Here’s the good news. While the number of data sources organizations face is rapidly increasing, the cost to store data has never been cheaper. This trend – as well as big data technologies like Hadoop – has led to more valuable insights for organizations.

    But it’s also led to IT departments overburdened with requests from the business users they support. So where do we go from here?

    View this webinar that discusses data federation, a type of data virtualization that:

    • Provides a centralized governance and security layer.
    • Speeds the creation of virtual data views.
    • Makes it easier for business users to access the data they need.

    We’ll also demonstrate technologies like big data virtualization, federated data-as-a-service and data masking.
  • Here’s the good news. While the number of data sources organizations face is rapidly increasing, the cost to store data has never been cheaper. This trend – as well as big data technologies like Hadoop – has led to more valuable insights for organizations.

    But it’s also led to IT departments overburdened with requests from the business users they support. So where do we go from here?

    View this webinar that discusses data federation, a type of data virtualization that:

    • Provides a centralized governance and security layer.
    • Speeds the creation of virtual data views.
    • Makes it easier for business users to access the data they need.

    We’ll also demonstrate technologies like big data virtualization, federated data-as-a-service and data masking.
  • Here’s the good news. While the number of data sources organizations face is rapidly increasing, the cost to store data has never been cheaper. This trend – as well as big data technologies like Hadoop – has led to more valuable insights for organizations.

    But it’s also led to IT departments overburdened with requests from the business users they support. So where do we go from here?

    View this webinar that discusses data federation, a type of data virtualization that:

    • Provides a centralized governance and security layer.
    • Speeds the creation of virtual data views.
    • Makes it easier for business users to access the data they need.

    We’ll also demonstrate technologies like big data virtualization, federated data-as-a-service and data masking.
  • SAS® In-Memory Analytics is built for speed. It enables you to access unstructured and structured data and tackle complex analytical computations blazingly fast. But it doesn’t end there.

    SAS In-Memory Analytics also delivers incremental value from big data so that you can find more lucrative opportunities, detect risks and improve targeted marketing.

    View this webinar to learn why SAS In-Memory Analytics can help you:

    • Tackle problems never before considered due to computing constraints.
    • Draw timely insights from Hadoop.
    • Perform self-service data discovery.
    • Run iterative and interactive analytics scenarios.
  • SAS® In-Memory Analytics is built for speed. It enables you to access unstructured and structured data and tackle complex analytical computations blazingly fast. But it doesn’t end there.

    SAS In-Memory Analytics also delivers incremental value from big data so that you can find more lucrative opportunities, detect risks and improve targeted marketing.

    View this webinar to learn why SAS In-Memory Analytics can help you:

    • Tackle problems never before considered due to computing constraints.
    • Draw timely insights from Hadoop.
    • Perform self-service data discovery.
    • Run iterative and interactive analytics scenarios.
  • SAS® In-Memory Analytics is built for speed. It enables you to access unstructured and structured data and tackle complex analytical computations blazingly fast. But it doesn’t end there.

    SAS In-Memory Analytics also delivers incremental value from big data so that you can find more lucrative opportunities, detect risks and improve targeted marketing.

    View this webinar to learn why SAS In-Memory Analytics can help you:

    • Tackle problems never before considered due to computing constraints.
    • Draw timely insights from Hadoop.
    • Perform self-service data discovery.
    • Run iterative and interactive analytics scenarios.
  • Channel
  • Channel profile
  • How to stop malware the first time. 5 strategies that work. Recorded: Apr 16 2015 61 mins
    Stephen Brunetto, director of product management at Trustwave and Chris Harget, senior product marketing manager at Trustwave
    Targeted malware, zero-day vulnerabilities and advanced persistent threats are increasingly responsible for data breaches. Why? Because they work. Most security products have a hard time protecting from advanced malware. This problem is compounded because attackers can easily mass produce new malware variants. What’s an IT person to do?

    Join us to learn key techniques to stop modern malware the first time. We will discuss:
    •What tactics work
    •Where to apply them
    •How to optimize cost, staffing and security.
  • PCI 101: Getting Started with the Payment Card Industry Data Security Standard Recorded: Mar 18 2015 59 mins
    Greg Rosenberg, QSA, CISA Trustwave Security Engineer
    The Payment Card Industry Data Security Standard (PCI DSS) was created to help prevent credit card fraud. Any business that process, stores or transmits payment card data must be PCI DSS compliant.

    This webcast will help you understand the basics of PCI, the steps to become compliant, and how compliance can help you protect your business against a security breach.
  • Ask an Analyst: Evolving your security strategy to overcome business challenges Recorded: Mar 4 2015 61 mins
    Ed Ferrara, Forrester Analyst; Dan Kaplan, Trustwave Editor
    Organizations are having to cover more ground than ever when it comes to security. Yet businesses often lack the in-house skills and resources, so security leaders are turning to MSSPs to help bear the burden to ensure every area of risk is adequately attended to.

    Join us for an interactive discussion with guest speaker, Forrester Research VP and Principal Analyst, Ed Ferrara, to learn how MSS is changing the conversation for businesses to achieve security goals. Help drive the conversation by submitting a question for Ed in advance so we can tackle your biggest security concerns such as:

    • Overcoming the skills shortage
    • Where to focus the budget – spending trends across industries
    • The value of security – pitching it as an investment not a cost to business leaders
    • Improving business outcomes – leveraging MSSPs as a tactical arm to optimize IT security, efficiency and value
  • Database Security Threats: Risks to Your Data Recorded: Feb 26 2015 55 mins
    Oliver Pinson-Roxburgh, EMEA Systems Engineering Manager at Trustwave
    Today, businesses leverage confidential and mission critical data that is often stored in traditional, relational databases or more modern, big data platforms. Understanding the key threats to database security and how attackers use vulnerabilities to gain access to your sensitive information is critical to deterring a database attack.

    Join this webinar to learn about the latest threats and how to remediate them.
  • Future proof yourself with SpiderLabs forensic key indicators Recorded: Nov 27 2014 63 mins
    Oliver Pinson-Roxburgh, EMEA Systems Engineering Manager at Trustwave and Solomon Bhala, Senior Consultant at SpiderLabs
    During this event we will look back at Trustwave SpiderLabs forensic cases in order to identify trends that will help you prepare for the future.

    You will also get an inside view of how hackers have ransacked customer networks, giving you insight on how to protect your business from future attacks.

    During this webinar, we will discuss:
    •How to get into the mindset of the attacker
    •How to identify weak points in your network based on real cases
    •Lessons learned from the mistakes of others to get better at detecting compromise
    •How to limit your exposure in the future.
  • PCI 3.0 Is knocking on your door - are you ready? Recorded: Oct 16 2014 53 mins
    Mark Belgrove, Managing Consultant at Trustwave
    With the PCI DSS version 3.0 implementation deadline around the corner, organisations should be thinking about ways to prepare for the new requirements. With an evolving threat landscape, targeted attacks on sensitive data like yours and new technology platforms it may seem overwhelming to think about protecting your business.

    During this webinar, we’ll discuss:

    • Why PCI is so important in protecting your customers sensitive data and your business

    • How to secure your business and prepare for PCI 3.0

    • Tactics that will ensure compliance and security are always top-of-mind for you and your employees
  • Trustwave on Shellshock: What You Need to Know Recorded: Oct 1 2014 70 mins
    Karl Sigler, Threat Intelligence Manager, Trustwave
    Shellshock has made waves through the security community by earning a maximum CVSS score of 10 for overall criticality. As a security practitioner it is important for you to know what Shellshock is, how it works and how to protect your organization from being exploited by it. This Wednesday, October 1st Trustwave will host a webinar featuring Karl Sigler, Threat Intelligence Manager at Trustwave to get you the information you need to mitigate this new vulnerability. During this webinar, Karl Sigler will:

    · Communicate what the Shellshock vulnerability is and how it works
    · Identify the potential impact of Shellshock to your organization
    · Discuss how to detect if your systems are vulnerable to Shellshock
    · Explain best practices for securing your organization from Shellshock and other vulnerabilities
    · Answer your questions regarding this topic
  • Breaking Down the 2014 Trustwave Global Security Report Recorded: Sep 25 2014 56 mins
    John Yeo, Global Director at Trustwave SpiderLabs
    You’re invited to this live webcast where you’ll hear unique insights from the 2014 Trustwave Global Security Report – the data is as compelling as ever.

    This webcast will help you connect the insight and actionable advice to your organization’s data security challenges. Amid the key data points, you’ll hear the story behind the average breach and the state of the industry:

    •The volume is getting loud: cybercriminals continue to find new ways to steal data – and new types of data to steal
    •Passwords still plague business of all types: we’ll show you how and why
    •Self-detection shortens the time to detecting breaches, but self-detection isn't easy, find out why
  • PCI 3.0 is Knocking on Your Door: Are you Ready? Presented by Trustwave and ETA Recorded: Sep 23 2014 60 mins
    Greg Rosenberg, QSA, CISA Trustwave Security Engineer
    With the PCI DSS version 3.0 implementation deadline around the corner, organizations should be thinking about ways to prepare for the new requirements. With an evolving threat landscape, targeted attacks on sensitive data like yours and new technology platforms it may seem overwhelming to think about protecting your business.

    During this webinar, we’ll discuss:
    • Why PCI is so important in protecting your customers sensitive data and your business
    • How to secure your business and prepare for PCI 3.0
    • Tactics that will ensure compliance and security are always top-of-mind for you and your employees
  • The cost Implications of POPI aligned to Security Technologies Recorded: Sep 18 2014 63 mins
    Oliver Pinson-Roxburgh, EMEA Systems Engineering Manager, Trustwave
    In this webinar we will review the technical challenges that arise from the POPI bill and synergies with other standards in order to help align your approach to support compliance. We will take a look at the technologies that help meet compliance with the bill and their impact on organisations as well as how we can learn from other standards when building a technology roadmap to achieve compliance with POPI.
  • Malware Symposium: How to Defeat the Modern Cyber Enemy Recorded: Sep 17 2014 62 mins
    Michael Osterman, Osterman Research Analyst; Dan Kaplan, Trustwave Editor; Steve Brunetto, Trustwave Product Director
    In conjunction with Osterman Research, Trustwave will present a live panel discussion on the challenges of modern malware and how to effectively combat it.

    Trustwave editor Dan Kaplan will facilitate this discussion with Analyst Michael Osterman of Osterman Research, and Steve Brunetto, Director of Anti-Malware Product Management for Trustwave. This deep-dive session will investigate techniques modern malware uses to evade even “zero-day” detection methods, debunk misconceptions, and discuss what the next generation of malware prevention looks like.

    Following the discussion, audience members will be able to ask the panelists questions. Please join us for this interview-format webcast.
  • Recent Threat Discoveries Recorded: Sep 11 2014 63 mins
    Ziv Mador, VP of Security Research and Andy Crail, Senior Security Engineer
    Recent Threat Discoveries: New Point of Sale Malware and Insights about Exploit Kits and Weak Passwords

    In this presentation we will discuss:

    * Backoff, a new family of Point of Sale Malware

    * Magnitude, an Exploit Kit that became prevalent after the arrest of “Paunch”, the creator of Blackhole

    * And a recent study that shows that 54% of passwords can be cracked in minutes

    Join Ziv Mador, VP of Security Research and Andy Crail, Senior Security Engineer as they walk through some of the latest finds and intel coming from the elite hacking and research team within Trustwave, SpiderLabs.
  • Stocking up on Data Security: Protecting Retail Grocers from Hackers Recorded: Sep 9 2014 59 mins
    Don Brooks, Senior Security Engineer
    Data breaches are happening every day, and the grocery industry has become a prime target. This Trustwave webinar details how hackers are lining up at the checkout lane to steal valuable data (like credit card information) and what steps you need to take to ward off this threat. What you’ll learn:

    • Why grocery stores are a lucrative target for hackers
    • Think you’ve been breached? The key steps to take
    • How to comply with the PCI standard – and special considerations for grocers

    Trustwave’s senior security engineer Don Brooks will be presenting. We hope to see you there.
  • Data Compliance, Now POPI Recorded: Sep 4 2014 42 mins
    Leon Van Aswegen, Senior Information Security Consultant, Trustwave
    Wondering how the Protection of Personal Information (POPI) Act will affect your organisation? During this webinar Trustwave will provide an overview of POPI, the implications of processing personally identifiable Information (PII) and how to protect your organisation. What will we cover?

    •POPI overview;
    •Roles and responsibilities;
    •Trustwave methodology and approach;
    •Security and privacy overlap;
    •Condition 7, Security Safeguards;
    •Compliance pitfalls to avoid;
    •Compliance quick wins;
    •Privacy enhancing technologies;
    •Next steps to start your POPI program.

    To learn how Trustwave can help your organisation with POPI compliance, register now.
  • Financial Services at Risk: Adapting to new threats and a changing landscape Recorded: Aug 14 2014 54 mins
    Don Brooks, Senior Enterprise Engineer
    Hackers are after the money, and financial services firms certainly have plenty of it. Although these businesses have some of the most mature information security practices of any industry, criminals are evolving their tactics and targeting this vertical with new-found gusto.

    Join Don Brooks, senior enterprise engineer at Trustwave, as he discusses this shifting threat landscape and how you can defend your most prized assets.

    He will cover:

    - Am I really a target?
    - Going mobile: What this means to your security
    - Malware is everywhere: What can you do about it?
    - Top actions to take to reduce your risk

    There will be ample time for your questions at the end of his presentation, so join us, and seek Don’s help in solving your biggest security challenges.
  • Health Care Data Security and HIPAA Compliance: Live Panel Discussion Recorded: Jul 23 2014 64 mins
    Tom Glaser, Security Consultant; Toby Nelson, Security Consultant, and Chris Brown, Solutions Expert
    This live webcast will take you through the basics of healthcare data security, complying with HIPAA and guidelines for taking action quickly. Our expert panel will cover the basic landscape, and then take your questions in a live Q&A. The session agenda includes:

    - Business considerations for health care data security and compliance
    - Getting ahead of the curve - key activities for compliance with HIPAA
    - Where to get started and how to accelerate your security program

    Please join us!
  • Web Application Security Trends for 2014 Recorded: Jun 26 2014 58 mins
    Oliver Pinson-Roxburgh, EMEA Systems Engineering Manager, Trustwave
    In this webinar we will take you through the web security attack trends for 2014 and provide some remediation advice and tips for better security.
  • Breaking Down the 2014 Trustwave Global Security Report Recorded: Jun 25 2014 53 mins
    Jonathan Werrett, Managing Consultant APAC SpiderLabs
    The 2014 Trustwave Global Security Report has just been released – and the findings are more important than ever for your organization. While businesses have improved their time to detection of breaches substantially, cybercriminals continue to find new ways to steal data – and new types of data to steal. A sample of what you'll hear:

    • The volume of data breach investigations increased 54% over 2012
    • Weak passwords open the door in 31% of data compromises
    • We saw a 33% increase in the theft of non-payment card
    • Self-detection can significantly shorten the timeline from detection to containment

    Join us for this live webcast!
  • Breaking Down the 2014 Trustwave Global Security Report Recorded: Jun 25 2014 65 mins
    Jonathan Werrett, Managing Consultant APAC SpiderLabs
    The 2014 Trustwave Global Security Report has just been released – and the findings are more important than ever for your organization. While businesses have improved their time to detection of breaches substantially, cybercriminals continue to find new ways to steal data – and new types of data to steal. A sample of what you'll hear:

    • The volume of data breach investigations increased 54% over 2012
    • Weak passwords open the door in 31% of data compromises
    • We saw a 33% increase in the theft of non-payment card
    • Self-detection can significantly shorten the timeline from detection to containment

    Join us for this live webcast!
  • Trustwave and ETA Present: Breaking Down the 2014 Global Security Report Recorded: Jun 19 2014 58 mins
    Greg Rosenberg, Security Engineer
    The 2014 Trustwave Global Security Report has just been released - and the findings are more important than ever for your organization. While businesses have improved their time to detection of breaches substantially, cybercriminals continue to find new ways to steal data. A sample of what you'll hear:

    * The volume of data breach investigations increased 54% over 2012
    * Weak passwords open the door in 31% OF DATA COMPROMISES
    * Self-detection can significantly shorten the timeline from detection to containment

    Join us for this live webcast for the Payments Industry!
Smart security on demand
Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. More than 2.7 million businesses are enrolled in the Trustwave TrustKeeper® cloud platform, through which Trustwave delivers automated, efficient and cost-effective data protection, risk management and threat intelligence. Trustwave is a privately held company, headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit www.trustwave.com.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Web Application Attack Trends
  • Live at: Apr 26 2012 3:00 pm
  • Presented by: Ryan C. Barnett
  • From:
Your email has been sent.
or close
You must be logged in to email this