Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

1/7/2009
12:50 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Zscaler Releases 2009 Web Security Predictions

Fundamental shifts in Web technologies will be targets in 2009, according to the SaaS security provider

SANTA CLARA, California, January 6, 2008 - Zscaler, the industry-first, multi-tenant SaaS security service, announced today that it has released its 2009 web security predictions. The predictions focus on a variety of factors influencing the landscape today including cloud computing, mobile devices, increased complexity in browsers and web applications and changing business needs. Rather than looking at general trends in technology or security overall, the Zscaler predictions focus specifically on recent changes in web technologies and user behaviors and investigates how attackers are likely to exploit these new paradigms.

"2009 will be an intriguing year," according to Michael Sutton, VP, Security Research. "With the emergence of revolutionary changes such as cloud computing, widespread adoption of next generation web application technologies and the 'real' web arriving on mobile devices, we must anticipate that attackers will adjust their tactics to leverage these shifts. Likewise, companies must adjust their security posture to ensure that they're staying ahead of the curve and protecting against tomorrow's attacks before they become a reality."

Zscaler's 2009 Web Security Predictions can be found online at: http://research.zscaler.com/2009/01/web-security-predictions.html

"As an in-the-cloud security provider we're in a unique position to identify threats as they emerge from all over the globe," said Jay Chaudhry, Zscaler's CEO. "With web traffic from a multitude of clients traversing through Zscaler's network of high speed gateways, we've able to identify trends in attack patterns that others rarely have the opportunity to see."

About Zscaler, Inc.

Through a multi-tenant, globally-deployed infrastructure, Zscaler enforces business policy, mitigates risk, and provides twice the functionality at a fraction of the cost of current solutions. It enables organizations to provide the right access to the right users, from any place and on any device-while empowering the end-user with a rich Internet experience. For more information, visit us at www.zscaler.com.

Press Contact: Liz Youngs, Zscaler Press Relations 843-971-7140 office, 843-412-6327 mobile [email protected]

Zscaler(tm), and the Zscaler Logo are trademarks of Zscaler, Inc. in the United States. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-22539
PUBLISHED: 2021-04-16
An attacker can place a crafted JSON config file into the project folder pointing to a custom executable. VScode-bazel allows the workspace path to lint *.bzl files to be set via this config file. As such the attacker is able to execute any executable on the system through vscode-bazel. We recommend...
CVE-2021-31414
PUBLISHED: 2021-04-16
The unofficial vscode-rpm-spec extension before 0.3.2 for Visual Studio Code allows remote code execution via a crafted workspace configuration.
CVE-2021-26073
PUBLISHED: 2021-04-16
Broken Authentication in Atlassian Connect Express (ACE) from version 3.0.2 before version 6.6.0: Atlassian Connect Express is a Node.js package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Express app occurs with a server-to-server JWT or ...
CVE-2021-26074
PUBLISHED: 2021-04-16
Broken Authentication in Atlassian Connect Spring Boot (ACSB) from version 1.1.0 before version 2.1.3: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a se...
CVE-2018-19942
PUBLISHED: 2021-04-16
A cross-site scripting (XSS) vulnerability has been reported to affect earlier versions of File Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 build 20210202 (and later) QT...