Application attacks and vulnerabilities

Learn what remote code execution (RCE) is, how RCE attacks work, why they’re dangerous, how to prevent them using WAFs, and how Fastly can help.

Learn what vulnerability scanning is, why it matters, how it works, and best practices for reducing risk across networks, applications, APIs, cloud, and hosts

OS command injection is a web application vulnerability that allows attackers to execute arbitrary commands on the underlying operating system.

Directory traversal, also known as “path traversal” (and identified with CWE-22), is a web application vulnerability that enables attackers to access unintended files on an underlying filesystem.

A cloud firewall acts as a virtual shield, protecting the digital boundaries of your cloud infrastructure from unauthorized access and cyberattacks.

Single Sign-On (SSO) is an authentication method that enables users to access multiple applications or services using a single set of credentials managed by a trusted provider.

Una puerta de enlace web segura (SWG) es una solución de ciberseguridad que sirve como puerta de enlace entre la red privada de una organización y el resto de Internet.

An IdP Identity Provider is a service that creates, maintains, and manages users' identity information while providing authentication to your dependent systems.

A DNS amplification attack is a reflection-based DDoS attack that uses open DNS resolvers to flood targets with amplified UDP traffic.

El Protocolo de escritorio remoto o Remote Desktop Protocol (RDP) es un estándar de software desarrollado por Microsoft que permite a los usuarios conectarse y utilizar otro ordenador de forma remota.

Credential stuffing is a type of cyberattack where stolen usernames and passwords are used to gain unauthorized access to multiple websites.

A brute force attack is a cyberattack where a hacker uses software to systematically test different password combinations to gain access to an account without authorization.