Application Security

Application Security news, information, and how-to advice

Black Hat 2015
tight rope walking balance difficult challenge

01 fortified

How fortified is your SAP against security breaches?

Can you even tell if a breach has occurred? Have you inventoried its vulnerabilities - and taken steps to prevent, for example, a $22 million per minute loss due to a SAP breach? Ask yourself these 10 questions to find out if your SAP...

20151027 oracle cloud on building 100625234 orig

Oracle patches raft of vulnerabilities in business applications

Oracle released its first batch of security patches this year fixing 270 vulnerabilities, mostly in business-critical applications.

armor knight protect

Don't predict, protect

How businesses can actually protect themselves against a variety of threats.

code programming software bugs cybersecurity

This tool can help weed out hard-coded keys from software projects

A security researcher developed a tool that can automatically detect sensitive access keys that were hard-coded inside software projects.

ransomware data laptop

Exposed MongoDB installs being erased, held for ransom

Security researcher Victor Gevers, co-founder of the GDI Foundation, a non-profit dedicated to making the internet safer, is urging administrators to check their MongoDB installations, after finding nearly two hundred of them wiped...

medical marijuana

Agent applications for Nevada’s medical marijuana program exposed

Agent applications for establishments looking to operate within Nevada’s medical marijuana program have been exposed to the public, enabling anyone to view an applicant’s personal details.

gears closeup

Learning to love DevOps

Security professionals need to embrace DevOps and use it to their advantage. The DevOps Handbook offers an up to date guide for this process.

old keys

Google researchers help developers test cryptographic implementations

Security experts from Google have developed a test suite that allows developers to find weaknesses in their cryptographic libraries and implementations.

code wave tsunami

World will need to secure 111 billion lines of new software code in 2017

​A little known statistic is arguably one of the most important for CISOs and IT security pros to take note of as they head into 2017.

adobe systems headquarters san jose

Adobe fixes actively exploited critical vulnerability in Flash Player

Adobe Systems released security updates for several products, including one for Flash Player that fixes a critical vulnerability that's already known and exploited by attackers.

white roller paint

Application whitelisting, the battles you can win

Improved application whitelisting technologies that defend against malware

1 tsunami

8 ways companies can manage risks brought on by the SaaS Tsunami

Every employee is on a mission to find the next SaaS application that will make their job easier. With nothing more than a credit card and an expense report, anyone within the organization can sign-up for a new application in minutes....

A traffic sign that says Proceed with Caution

Password database dumps, or dump passwords?

Despite all the efforts to strengthen passwords and reduce risks this year, there are some things people still missed

gift container

The security gift guide

Give the gift of security, so people will give you the gift of not asking for help and advice.

1 working

Common security mistakes in collaboration tools

Collaboration tools have become all the rage, but has your IT department closed all security gaps.

new year post-it resolution

Cybersecurity's crystal ball, 2017 predictions

As 2016 comes to a close, industry analysts and practitioners alike are thinking about how to prepare for what is to come

07 insider

Unwitting attacks from the inside

Employee involvement top causes of most expensive breaches

adultfriendfinder screengrab

412 million FriendFinder accounts exposed by hackers

Six databases from FriendFinder Networks Inc., the company behind some of the world’s largest adult-oriented social websites, have been circulating online since they were compromised in October. LeakedSource, a breach notification...

Load More