Starting today, the lifespan of new TLS certificates will be limited to 398 days, a little over a year, from the previous maximum certificate lifetime of 27 months (825 days). In a move that’s meant to boost security, Apple, Google, and Mozilla are set to reject publicly rooted digital certificates [...]
A penetration test, also known as a pen test, is a simulated cyber attack against your computer system to check for exploitable vulnerabilities. In the context of web application security, penetration testing is commonly used to augment a web application firewall (WAF).
Pen testing can involve the attempted breaching of any number of application systems, (e.g., application protocol interfaces (APIs), frontend/backend servers) to uncover vulnerabilities, such as unsanitized inputs that are susceptible to code injection attacks.
Insights provided by the penetration test can be used to fine-tune your WAF security policies and patch detected vulnerabilities.
The pen testing process can be broken down into five stages.
