Application attacks and vulnerabilities

Learn what vulnerability scanning is, why it matters, how it works, and best practices for reducing risk across networks, applications, APIs, cloud, and hosts

OS command injection is a web application vulnerability that allows attackers to execute arbitrary commands on the underlying operating system.

Directory traversal, also known as “path traversal” (and identified with CWE-22), is a web application vulnerability that enables attackers to access unintended files on an underlying filesystem.

A cloud firewall acts as a virtual shield, protecting the digital boundaries of your cloud infrastructure from unauthorized access and cyberattacks.

Single Sign-On (SSO) is an authentication method that enables users to access multiple applications or services using a single set of credentials managed by a trusted provider.

セキュア Web ゲートウェイ (SWG) は、組織のプライベートネットワークとインターネットの他の部分との間のゲートウェイとして機能するサイバーセキュリティソリューションです。

An IdP Identity Provider is a service that creates, maintains, and manages users' identity information while providing authentication to your dependent systems.

A DNS amplification attack is a reflection-based DDoS attack that uses open DNS resolvers to flood targets with amplified UDP traffic.

リモートデスクトッププロトコル (RDP) は、ユーザーが別のコンピューターにリモートで接続して使用できるようにする、Microsoft によって開発されたソフトウェア標準です。

Credential stuffing is a type of cyberattack where stolen usernames and passwords are used to gain unauthorized access to multiple websites.

A brute force attack is a cyberattack where a hacker uses software to systematically test different password combinations to gain access to an account without authorization.