Application Security

Application Security news, information, and how-to advice

iot retail internet of things
5 checklist

Chrome

Chrome OS gets cryptographically verified enterprise device management

Companies will now be able to cryptographically validate the identity of Chrome OS devices connecting to their networks and verify that those devices conform to their security policies.

adobe san jose

Adobe fixes critical flaws in Flash Player and Digital Editions

Adobe Systems has fixed over 30 vulnerabilities in its Flash Player and Digital Editions products, most of which could be exploited to remotely install malware on computers.

steps

How to get a more cost-effective cyber insurance policy

Tips on how to mitigate risks and get more bang for your buck on cyber insurance

fingers hug friends

Bugcrowd, the Match.com for developers and researchers?

Is it better for business if developers and researchers can build a better relationship?

microsoft headquarters

Microsoft bug bounty program adds .NET Core and ASP.NET Core

Microsoft has expanded its bug bounty programs to cover its open-source .NET Core and ASP.NET Core application development platforms.

pixelated clouds reflecting on building windows

Experts challenge Skyhigh's patent for cloud-based encryption gateway

Skyhigh Networks, Inc., announced today that it has received a patent for using a hosted gateway to encrypt and decrypt data moving between users and cloud services such as Office 365, but some experts say that the technology is...

pokemon go app

Pokemon Go puts enterprises at risk

Eight statistics that might surprise you about Pokemon Go and the corporate network

devops tattoo

Automate, integrate, collaborate: Devops lessons for security

Devops is transforming application development; the same principles of automation, integration, and collaboration can vastly improve security as well

patch job

Never patch another system again

Over the years I have been asked a curious question numerous times. 'If we use product x or solution y we wouldn't have to patch anymore, right?" At this point in the conversation I would often sit back in my seat and try to look...

blackhat 2015 jeep hack

Presentations show the auto industry needs to shore up cars' security

A look at security tools that help auto manufacturers build safer connected cars

7 Signs You're Doing Devops Wrong

Reach 'em and teach 'em--educating developers on application security

How to bring security to the forefront and have it as an integral part of any software development lifecycle

chrysler 300c console

Does entertainment trump security in connected cars?

Security as an afterthought is still the cause of most common vulnerabilities in connected cars.

vintage ad

Adware turns a tidy profit for those who sneak it into downloads

If you've ever downloaded software, chances are you've experienced an all-too-common surprise: ads or other unwanted programs that tagged along for the ride, only to pop up on your PC uninvited. Turns out there's a highly lucrative...

20151027 oracle logo on yacht

Hackers hit Oracle's Micros payment systems division

Russian cybercriminals have infiltrated systems at Micros, an Oracle division that is one of the world's biggest vendors of point of sale payment systems for shops and restaurants, according to an influential security blogger.

standing out crowd

Security by the people

Sometimes it takes a village. In the case of information security, sometimes it takes an employee. Forward thinking enterprises can go beyond simply providing IT security awareness training and hygiene tips for their users, and enlist...

mobile phishing

Mobile phishing – same attacks – different hooks

I spent the last two weeks talking with CISOs, application developers, mobility experts and IoT thought leaders like SRI’s Dr. Ulf Lindqvist. One thing was for certain – mobile is receiving a lot of attention from the...

The future of red teaming: Computer robots face off in adversarial rounds

If you were at BSides and you caught the presentation from Endgame's principal security data scientist, Hyrum Anderson, you were likely wowed by the innovative dueling defender and adversary demonstration. If you missed it, Anderson...

4 cloud

How to best vet third-party vendors

Cloud providers have raised awareness of third party risks to security

Load More