AppSec Knowledge Base

Advanced application security

AppSec Policies 

Application Security Basics

Development

Web Application Flaws & Vulnerabilities

Miscellaneous

Home / AppSec Knowledge Base / Application Attack Types

ATTACKS

Application Attack Types

The following is an extensive library of security solutions articles and guides that are meant to be helpful and informative resources on a range of security solutions topics, from web application security to information and network security solutions to mobile and internet security solutions.

ARP Spoofing ARP spoofing is a type of attack in which a malicious actor sends falsified ARP (Address Resolution Protocol) messages over a local area network. Learn More

Botnet A botnet is a network of compromised computers under the control of a malicious actor. Each individual device in a botnet is referred to as a bot. Learn More

Cache Poisoning Cache poisoning is a type of attack in which corrupt data is inserted into the cache database of the Domain Name System (DNS) name server. The Domain Name System is a system that associates domain names with IP addresses. Learn More

Computer Worm Computer worms are among the most common types of malware. They spread over computer networks by exploiting operating system vulnerabilities. Learn More



Keylogger Keyloggers or keystroke loggers are software programs or hardware devices that track the activities (keys pressed) of a keyboard. Keyloggers are a form of spyware where computer users are unaware their actions are being tracked. Learn More

Malware Malware is short for “malicious software”: hostile applications that are created with the express intent to damage or disable mobile devices, computers or network servers. Learn More

Man-in-the-Middle Attack A man-in-the-middle (MITM) attack is a type of cyberattack where a malicious actor inserts him/herself into a conversation between two parties, impersonates both parties and gains access to information that the two parties were trying to send to each other. Learn More



Rootkit A rootkit is a computer program designed to provide privileged access to a computer while actively hiding its presence. Once a rootkit has been installed, the controller of the rootkit has the ability to remotely execute files and change system configurations on the host machine. Learn More

 

SQL InjectionSQL Injection is a type of attack that attempts to gain unauthorized access to your database through user input fields Learn More

 

Spoofing Attack A spoofing attack is when a malicious party impersonates another device or user on a network in order to launch attacks against network hosts, steal data, spread malware or bypass access controls. Learn More



Spyware Although it sounds like something James Bond would employ, spyware is all too real. Spyware is any software that installs itself on your computer and starts covertly monitoring your online behavior without your knowledge or permission. Learn More

 

Veracode is a leading provider of enterprise-class application security, seamlessly integrating agile security solutions for organizations around the globe. In addition to application security services and secure devops services, Veracode provides a full security assessment to ensure your website and applications are secure, and ensures full enterprise data protection. Application protection services from Veracode include white box testing, and mobile application security testing, with customized solutions that eliminate vulnerabilities at all points along the development life cycle.

*Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.