Back to learning center

Application attacks and vulnerabilities

Web application attacks are malicious activities that target vulnerabilities in design and implementation, that may lead to unauthorized access and data theft.

  • What is Vulnerability Scanning?

    Learn what vulnerability scanning is, why it matters, how it works, and best practices for reducing risk across networks, applications, APIs, cloud, and hosts

  • What is OS command injection?

    OS command injection is a web application vulnerability that allows attackers to execute arbitrary commands on the underlying operating system.

  • What is directory traversal?

    Directory traversal, also known as “path traversal” (and identified with CWE-22), is a web application vulnerability that enables attackers to access unintended files on an underlying filesystem.

  • What is a cloud firewall?

    A cloud firewall acts as a virtual shield, protecting the digital boundaries of your cloud infrastructure from unauthorized access and cyberattacks.

  • What is Single Sign-On (SSO)?

    Single Sign-On (SSO) is an authentication method that enables users to access multiple applications or services using a single set of credentials managed by a trusted provider.

  • What is a secure web gateway?

    A Secure Web Gateway (SWG) is a cybersecurity solution that serves as a gateway between an organization's private network and the rest of the internet.

  • What is an Identity Provider (IdP)?

    An IdP Identity Provider is a service that creates, maintains, and manages users' identity information while providing authentication to your dependent systems.

  • What is a DNS amplification attack?

    A DNS amplification attack is a reflection-based DDoS attack that uses open DNS resolvers to flood targets with amplified UDP traffic.

  • What is RDP?

    Remote Desktop Protocol (RDP) is a software standard developed by Microsoft that allows users to connect to and use another computer remotely.

  • What are credential stuffing attacks?

    Credential stuffing is a type of cyberattack where stolen usernames and passwords are used to gain unauthorized access to multiple websites.

  • What is a brute force attack?

    A brute force attack is a cyberattack where a hacker uses software to systematically test different password combinations to gain access to an account without authorization.

© Fastly 2025