Application Development

Application Development news, information, and how-to advice

Hackers exploit Apache Struts vulnerability to compromise corporate web servers

Attackers are widely exploiting a recently patched vulnerability in Apache Struts that allows them to remotely execute malicious code on web servers.

CA to acquire security testing firm Veracode for $614M

CA Technologies is acquiring application security testing company Veracode for US$614 million in cash, in a bid to broaden its development and testing offering for enterprises and app developers.

HackerOne offers bug bounty service for free to open-source projects

HackerOne, the company behind one of the most popular vulnerability coordination and bug bounty platforms, has decided to make its professional service available to open-source projects for free.

Slack bug paved the way for a hack that can steal user access

One bug in Slack, the popular work chat application, was enough for a security researcher to design a hack that could trick its users into handing over access.

Robocar is the first AI race car

Software engineers may be the new race car drivers with the debut of the first AI-operated race car.

SHA-1 collision can break SVN code repositories

The recently announced SHA-1 collision attack has the potential to break code repositories that use the Subversion (SVN) revision control system.

Bleeding clouds: Cloudflare server errors blamed for leaked customer data

While working on something completely unrelated, Google security researcher Tavis Ormandy recently discovered that Cloudflare was leaking a wide range of sensitive information, which could have included everything from cookies and...

The CSO guide to top security conferences

CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

Why you need a bug bounty program

If you’re ready to deal with the volume of reports, a bug bounty program can help you find the holes in your system — before attackers do.

Java and Python FTP attacks can punch holes through firewalls

The Java and Python runtimes fail to properly validate FTP URLs, which can potentially allow attackers to punch holes through firewalls to access local networks.

8 steps to regaining control over shadow IT

Learn how to discover those employees who went roaming for outside services.

Personalized privacy app manages smartphone permission settings

New app designed to manage privacy settings helps consolidate and tailor user permissions.

Better evaluations are the key for security leaders to get better tools

Mike D. Kail explains how security leaders can better evaluate security tools and avoid buying things they don’t need.

CISOs rank third in top-paying tech jobs

Which IT roles earn the biggest salaries? Thirteen tech jobs can pull in salaries of $200,000 or more, according to new data from IT staffing firm Mondo.

RSA Innovation Sandbox winners: One year later

With the annual RSA security conference just around the corner, we decided to touch base with the 10 companies selected as finalists in last year’s Innovation Sandbox competition and see how they’re making out.

How to secure Active Directory

Russell Rice, senior director of product management at Skyport Systems, provides some ways IT organizations can keep privileged credentials for Active Directory safe.

5 things DevOps needs to do to secure containers

Aqua’s CTO, Amir Jerbi, suggests some key things DevOps should know about securing containerized applications.

New trends in zero-day vulnerabilities

Best practices to mitigate the risks of zero-day vulnerabilities.
