StrongBox IT

December 3, 2020
Blog

Vulnerability in widely-used WordPress plugin could allow full site takeover

WooCommerce has made ecommerce website building and developing easy with multiple plugins automating the tasks without any coding knowledge. TI WooCommerce Wishlist is one such plugin which enables the customers to add any product to their wishlist and buy them later. A flaw in this plugin enables the user (customer) to attain the admin status. […]

November 27, 2020
Blog

Installing Modshield SB from the GCP Marketplace

Step 1:Open the GCP Marketplace listing page that suits your licensing model (Cloud / BYOL), and click on the Launch button. Step 2: Provide a suitable instance name for your new deployment. Change the Deployment Zone and Machine Type if required, while it’s recommended to use the deployment template defaults. Disk Size can be […]

November 2, 2020
Blog

Why Application Security Testing is Critical for Organization

According to an article in CIO magazine, a typical USD500+ million organization has 3,000+ applications. While average, organizations (excluding financial firms) have around 600 business-critical applications. On the other hand, financial firms have about 800 business-critical applications. Every day growing numbers of both small and large enterprises are falling victim to hackers, resulting in data […]

October 21, 2020
Blog

Top 4 Points to Consider when selecting an Web Application Firewall (WAF)

Web Application firewalls have, for a long, served as one of the enterprise’s important security technologies. But even as hackers have gotten sharper at avoiding traditional security, application firewalls have maintained their value. If your enterprise is considering a web application firewall for the first time or looking to replace an existing one, ensure you […]

September 17, 2020
Blog

Web Application Firewalls (WAF) and its Advantages

With the accelerated rise in the number of companies adopting cloud for running business applications and saving private data, cyber criminals have started to target web applications and websites. This has led to an ever-increasing need for web application Firewalls. According to an IBM report, the average cost of a data breach to enterprises is […]

September 14, 2020
Blog

Installing Modshield SB from the Azure Marketplace

Step 1:Select your preferred plan (either Cloud or BYOL) from the provided dropdown menu, and click Continue button Step 2: Click on Create button to configure various deployment settings <Step 3: Provide name for your new instance and change size if required from the available list Step 4: Configure your login username and authentication method in the […]

September 2, 2020
Blog

How an application firewall like Modshield SB could have saved the day

Freepik, a top-100 Alexa ranked popular website that provides access to free stock photos and design graphics, announced on Friday (21 August) that it had been subject to a major data breach due to a SQL injection vulnerability. In a statement released by the company, it is said that they immediately notified authorities of the […]

June 24, 2020
Blog

Installing Modshield SB from the AWS Marketplace

Step No: 1 Visit the marketplace page of the version that better suits your needs (Cloud / BYOL). Click on “Continue to Subscribe” button Step No: 2 Read and confirm that you accept the End User Licence Agreement (EULA) Step No: 3 You should see the status as “Pending” for a while when AWS processes your request, which should […]

June 23, 2020
Blog

Protection against API Credential Stuffing using Modshield SB Web Application Firewall

Ref: https://owasp.org/www-community/attacks/Credential_stuffing Credential stuffing is the automated injection of breached username/password pairs in order to fraudulently gain access to user accounts. This is a subset of the brute force attack category: large numbers of spilled credentials are automatically entered into websites until they are potentially matched to an existing account, which the attacker can then […]