F5 Labs security experts spent a year researching application security. With the increasingly essential role of applications, one major question arises: If organizations don’t understand all the ways attackers can compromise their applications and exploit their data, how can they possibly defend their most critical assets? Join threat researchers Sara Boddy and Ray Pompon in this four-part series where they’ll share their findings from the 2018 Application Protection Report—some alarming, and others not so surprising at all—to help you prioritize what you should focus on to reduce your risk.
Join the F5 Labs Director, Sara Boddy, and Principal Threat Research Evangelist Ray Pompon as they discuss why they wrote the Application Protection Report, how they had to question some fundamental assumptions about applications in order to get to the heart of the matter, and how the resulting model—the App Stack—helped them make sense out of a pile of data from different sources.
In this episode, Sara and Ray take a critical look at threats against the App Services Tier. This means attacks against code, web servers, server-side infrastructure, databases, and so on. This also includes injection attacks against app services, which featured prominently in the public data breach notifications collected over a year. Learn why injection and other App Services attacks are so common, and how you can find, patch, and block these vulnerabilities.