WAF

March 20, 2025

Tomcat RCE Vulnerability Now Exploited in the Wild

Researchers recently found a vulnerability in Apache Tomcat’s servers that would allow an attacker to commit Remote Code Execution with a single PUT request to a specific API, followed by a GET. And now, this vulnerability is officially being exploited in the wild.



December 5, 2023

DFIR & API Breaches: Why Context Matters

When it comes to investigating and preventing API breaches, context is king. In this piece, we take a look at why application layer visibility is essential to effective digital forensics and incident response.



October 4, 2023

Web Application Firewalls & API Security: Why WAFs Always Fall Short

While Web Application Firewalls, or WAFs, are often touted as a go-to solution for web app security, they frequently fall short – and in many cases, offer little more than an artificial sense of protection that is not backed by actual protection. But why isn’t a WAF good enough? Where do they fall short, and what is the better alternative? Let’s dive a bit deeper.



February 16, 2023

Exploring the Pros and Cons of Web Application Firewalls (WAFs)

Over the last few years, web application attacks have become one of the leading causes of data breaches, making web application security increasingly important for overall security posture.



July 18, 2022

The WAF must die - some interesting thoughts

A recent posting by Dr. Chase Cunningham from Ericom Software on LinkedIn took an interesting view on web application firewalls, most commonly known as a WAF.



WAF

Tomcat RCE Vulnerability Now Exploited in the Wild

DFIR & API Breaches: Why Context Matters

Web Application Firewalls & API Security: Why WAFs Always Fall Short

Exploring the Pros and Cons of Web Application Firewalls (WAFs)

The WAF must die - some interesting thoughts

This site uses cookies