Application Security

Application Security news, information, and how-to advice

Top 5 container mistakes that cause security problems

As enterprises increase their adoption of containers, they are also increasing the number of security mistakes they make with the technology.

Black Hat 2017: Insightful, but too much hype

Black Hat 2017 was a busy show, highlighting a healthy cybersecurity industry. But there was too much hype, misunderstanding, and proprietary agendas.

Five new threats to your mobile device security

Cyber criminals are stepping up their attacks on mobile devices with new weapons and variations on old ones.

Container security: How Waratek blocks Java exploits

Waratek's unique approach to container security relies on just-in-time compiling and focuses exclusively on one of the biggest security risks within most organizations: applications running Java.

Chasing down leakers fast with ThinAir's asset tracking

Tony Gauda, CEO of ThinAir, talks with CSO senior writer Steve Ragan about how the ThinAir system tracks which users within an organization have seen each piece of data, spotting anomalous information and quickly finding the source of...

Safeguarding power grids and other critical infrastructure from data leaks

CSO senior writer Steve Ragan talks with cybersecurity experts Krypt3ia and Kodor about how the pair seek out passwords, schematics and other sensitive documents on SCADA control system architectures that shouldn't be available...

Bringing behavioral game theory to security defenses

Kelly Shortridge and CSO senior writer Fahmida Y Rashid talk about using behavioral game theory to take advantage of hackers’ mistakes and manipulate the data they think they're receiving. People generally make decisions by either...

Simple tips to keep your devices secure when you travel

CSO security reporters Fahmida Rashid and Steve Ragan share some easy ways to keep your data and devices secure while traveling, even at the Black Hat conference, where active scanning is the norm. (And check out the built-in Faraday...

How the dark web has gone corporate

Some criminals on the dark web are taking their cues from the practices of corporate IT. Illicit offerings run the gamut from code that buyers have to implement themselves to turnkey solutions and consulting services.

Police, municipalities are using highly insecure Bright City app

Researcher claims the Bright City app, meant to be used by cops, local governments and citizens, lacks security controls and exposes data.

How DevOps and cloud will speed up security

Zane Lackey, CSO and co-founder of Signal Sciences, talks with CSO senior writer Fahmida Rashid about how DevOps and cloud can help organizations embed security into their technology structures, enabling business to move faster.

Stop blaming users for security misses

Does the message to users about security need to change? Or does IT need to rebuild infrastructure so users can worry less about security? Wendy Nather, principal security strategist at Duo Security, talks with CSO senior writer...

How the lack of application development environments leads to reliability weaknesses

The software development life cycle (SDLC) serves a purpose within DevOps. Are you preparing for future failure?

Configuration errors blamed for sensitive data exposed via Google Groups

Researchers at RedLock, working within the Cloud Security Intelligence team, say they've discovered hundreds of organizations exposing sensitive data via Google Groups, pinning the cause on basic configuration issues.

Oracle’s monster update emphasizes flaws in critical business applications

Oracle hasn’t been “just” a database company in a long time, and nowhere is that more evident than in its quarterly critical patch update release, where the bulk of the fixes are in business applications like PeopleSoft and E-Business...

Security and education in the wake of WannaCry, Petya

To avoid becoming victims of cyber attacks like WannaCry, enterprises should regularly back up data, patch software and use automated security services.

The 15 biggest data breaches of the 21st century

Security practitioners weigh in on the 15 worst data breaches in recent memory.

The Internet of Identities (IoI)

IoT, mobility, cloud and pressing security needs mean that every node must have a trustworthy identity and a secure path to network services.
