Wake up call. Apache Struts is being exploited

Dislaimer: It's a tale of incident response for a vulnerability dated March 2017, that wasn't patched on the server. And, someone exploited it naively. It was in the night that I received a message - "We have been hacked". As with most of the hacks, people tend to overreact (or sometimes under) and the 1st message delivers the least amount of information. It started a chain of events, and forensics to identify what happened, and how? Around 23:00h there was a trigger that some packet was knocking on the firewall port to go out of the internal...
Read More

Need for WAF in the world of Secure SDLC

You have a secure development lifecycle, and you do perform a pen-test before going live, or rolling out an application in production; then why do you need a Web Application Firewall? At the end, it is one more security product where ROI is difficult to prove. This is one of the most common question I have been asked when talking about application security. People are still conservative when it comes to buying a good WAF and implementing it across all applications. Common queries that are receive are, What's the use of WAF when my application is secure? What if the...
Read More