Stopping Business Logic Attacks: Why a WAF is no Longer Enough - Karl Triebes - ASW #255
19 September 2023 - 1 hour 15 minsThe majority of attacks are now automated, with a growing number of attacks targeting business logic via APIs, which is unique to every organization. This shift makes traditional signature-based defenses insufficient to stop targeted business logic attacks on their own. In this discussion, Karl Triebes shares how flaws in business logic design can leave applications and APIs open to attack and what tools organizations need to effectively mitigate these threats.
This segment is sponsored by Imperva. Visit https://securityweekly.com/imperva to learn more about them!
In the news segment, a slew of XSS in Azure's HDInsights, CNCF releases fuzzing and security audits on Kyverno and Dragonfly2...
Series Episodes
Security That Sticks: Shaping Human Behavior - Rinki Sethi, Nicole Jiang - BSW #418
1 hour 3 mins
22 October Finished
The Afterlife, AWS, ClickFix, Agentic AI, Robot Lumberjacks, Robocalls, Aaran Leyland - SWN #522
37 mins
21 October Finished
Reacting to Ransomware and Setting Secure Defaults - Rob Allen - ASW #353
1 hour 3 mins
21 October Finished
Mitigating attacks against AI-enabled Apps, Replacing the CIA triad, Enterprise News - David Brauchler - ESW #429
1 hour 38 mins
20 October Finished
Erotic Chats, UEFI, F5, Cisco, Doug Sings, Insiders, Lastpass, Sora, Aaran Leyland... - SWN #521
35 mins
17 October Finished
