RedShield’s Service Proactively Protects from Critical React Server Components Vulnerability (“React2Shell” - CVE-2025-55182)
View content
Knowledge base
Dive into RedShield’s knowledge base for expert articles, technical guidance, and security best practices to protect your web apps and APIs.
PCI DSS 4.0 Security Updates: What You Need To Know
PCI DSS 4.0 in Australia: What's New for Application Security? The PCI DSS emerged in 2004 to establ...
View content
Consequence Defense: Application Security for the GenAI Age
For a deeper dive into the challenges of web application security and how RedShield helps organizati...
View content
RedShield DDoS & Bot Protection from GenAI-Wielding Adversaries
For a deeper dive into the challenges of web application security and how RedShield helps organizati...
View content
RedSecure: Managed Application Security Service
For a deeper dive into the challenges of web application security and how RedShield helps organizati...
View content
Generative AI: Exposing Risky Parsing Gaps in WAFs
Open full screen / Download PDF
View content
Alert: Microsoft SharePoint Servers Under Active Exploitation
View content
Good-bye “good enough”: Why escaping input now matters more than blocking
View content
Beyond Security Tools: Where Does 90% of the Total Cost of Web Application Security Come From?
Uncovering the Hidden 90% of Your Application Security Cost Security leaders are often confronted by...
View content
Generative AI is Exposing the Limits of WAFs. RedShield Approach Addresses the Gaps.
Generative artificial intelligence has dramatically lowered the cost and effort required to mount so...
View content
From 50 Gbps to 5.6 Tbps: The Reality of Hyper‑Volumetric DDoS
What’s changed isn’t just the volume, but the strategy. Attackers now favour short, high-impact “bli...
View content
The Hidden Economics of DDoS and Bot Attacks: How to Tip the Balance
At RedShield, our three-horizon model flips that equation. Our three-horizon defence model is design...
View content
Knowledge base
Why “blocking everything” is not the same as being secure (and how RedShield proves it)
A common expectation of non-security teams is that a WAF should automatically block all traffic that...
View content
Knowledge base
Comparing the RedShield-AWS DDoS Solution to Market Alternatives
With the prolific growth in cybercrime, the number of infected devices under the control of criminal...
View content
Knowledge base
RedShield's Response to the WAF Bypass techniques disclosed by Claroty
View content
Knowledge base
Best practices for web authentication
The Verizon Data Breach Report of 2020 provides a comprehensive analysis of the source of many high-...
View content
Knowledge base
What are Cross Site Request Forgery (CSRF, XSRF) Attacks? And how can you effectively mitigate them?
A CSRF attack forces a logged-on victim's browser to send a request to a vulnerable web application,...
View content
Knowledge base
What are Dictionary Attacks? And how can you effectively mitigate them?
Cybercriminals generate permutations of words or character sets, repeated passwords, or variations -...
View content
Knowledge base
RedShield has developed shields to mitigate “Log4j” (CVE-2021-44228)
A zero-day exploit of Apache Log4j 2 (“Log4Shell”, CVE-2021-44228) was disclosed on 9 December 2021....
View content
Knowledge base
TLSv1.0 and v1.1 are being deprecated: Here’s how to upgrade, while keeping your customers connected
And if you’re not ready for it (and more than 40% of the top million sites still support 1.0 and 1.1...
View content
Knowledge base
How can you protect your web applications (and business) from carding attacks?
Australia Post’s Inside Australian Online Shopping 2021 report highlights a 26.9% YOY growth in onli...
View content
Knowledge base
Introducing Second-Factor Authentication (2FA) Shields
Today, we are excited to announce a brand new function that RedShield has developed to address a spe...
View content
Knowledge base
Risk, resourcing, and legacy applications: Application security challenges for state and local government
Faced with thousands of applications in complex environments to manage, a global skill-shortage of a...
View content
Knowledge base
A Guide to a Best Practice Web Application Operational Security Program
With new application vulnerabilities being published at over 50 a day, the race starts again tomorro...
View content
Knowledge base
Six Misconceptions About Shielding
Misconception #1: Fixing code is always better, more robust, or more secure When vulnerabilities are...
View content
Knowledge base
2021 TAG Cyber Annual: An interview with Andy Prow, CEO & Co-Founder, RedShield
Today, applications are arguably the most important entity to keep up and running on an organization...
View content
Knowledge base
Enabling Secure Digital Transformation: Strategies to Secure Your Project, Customers, and Organization
However, the vast number of ‘moving parts’ in a DX initiative presents new levels of complexity. And...
View content
Knowledge base
Web Application Firewall (WAF)
As one might expect, shielding is a good metaphor for much of what we do in cyber security. Any time...
View content
Knowledge base
Urgent Action Needed to Protect E-Commerce Sites From E-Skimming Attacks Targeting Magento Vulnerabilities
With the sustained Magecart attacks targeting Magento CMS, and the outdated version no longer provid...
View content