Sign up to save your podcasts
Or
Share Stopping Business Logic Attacks: Why a WAF is no Longer Enough - Karl Triebes - ASW #255
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Stopping Business Logic Attacks: Why a WAF is no Longer Enough - Karl Triebes - ASW #255
The majority of attacks are now automated, with a growing number of attacks targeting business logic via APIs, which is unique to every organization. This shift makes traditional signature-based defenses insufficient to stop targeted business logic attacks on their own. In this discussion, Karl Triebes shares how flaws in business logic design can leave applications and APIs open to attack and what tools organizations need to effectively mitigate these threats.
This segment is sponsored by Imperva. Visit https://securityweekly.com/imperva to learn more about them!
In the news segment, a slew of XSS in Azure's HDInsights, CNCF releases fuzzing and security audits on Kyverno and Dragonfly2, CISA shares a roadmap for security open source software, race conditions and repojacking in GitHub, and more!
Visit https://securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/secweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/asw-255
View all episodes
By Security Weekly Productions
4.9
1212 ratings
The majority of attacks are now automated, with a growing number of attacks targeting business logic via APIs, which is unique to every organization. This shift makes traditional signature-based defenses insufficient to stop targeted business logic attacks on their own. In this discussion, Karl Triebes shares how flaws in business logic design can leave applications and APIs open to attack and what tools organizations need to effectively mitigate these threats.
This segment is sponsored by Imperva. Visit https://securityweekly.com/imperva to learn more about them!
In the news segment, a slew of XSS in Azure's HDInsights, CNCF releases fuzzing and security audits on Kyverno and Dragonfly2, CISA shares a roadmap for security open source software, race conditions and repojacking in GitHub, and more!
Visit https://securityweekly.com/asw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/secweekly
Like us on Facebook: https://www.facebook.com/secweekly
Show Notes: https://securityweekly.com/asw-255
More shows like Application Security Weekly (Audio)
View all
Security Now (Audio)
1,998 Listeners
Risky Business
369 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
639 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
369 Listeners
CyberWire Daily
1,017 Listeners
Business Security Weekly (Audio)
3 Listeners
The Application Security Podcast
36 Listeners
Click Here
416 Listeners
Darknet Diaries
7,958 Listeners
Cybersecurity Today
174 Listeners
CISO Series Podcast
188 Listeners
Defense in Depth
73 Listeners
Cyber Security Headlines
134 Listeners
Risky Bulletin
43 Listeners
Hacker And The Fed
169 Listeners