Home » Data Protection » Application Security

Application Security

Application security, web app security, secure code development and software vulnerabilities

Application Security articles

Pressure mounts for building in security during application development

Microsoft survey of IT pros and developers worldwide found only 37% worked for organizations that built products with security in mind

» full story

Experts ding DHS vulnerability sharing plan as too limited

Without universally availability, plan could miss smaller businesses hackers could use as an entry point to critical infrastructure companies

» full story

In a sea of malware, viruses make a small comeback

Microsoft has noticed a small uptick in viruses that infect files

» full story

Fed offensive fueling hacker underground, report says

With the government said to be the biggest buyer of malicious tools, some fear it will weaken the nation's cyber defenses -- public and private

» full story

Health care breach victims plummet

Tougher rules and big settlements are said to be behind the fall in affected clients, but one group calls it the 'calm before the storm'

» full story

Adobe releases critical security updates for Reader, Flash Player and ColdFusion

One of the patched ColdFusion flaws is already targeted by attackers

» full story

Microsoft rushes Explorer 8 patch release

Microsoft's Patch Tuesday for May addresses 10 security issues, three of them that need to be addressed immediately

» full story

Companies, government unprepared for new wave of cybersabotage

Intelligence not the only part of government that has struggled. Senate has not moved on legislation to back President's order on cybersecurity

» full story

It's better to call ahead before sending malware, Symantec finds

French-speaking organizations are receiving bogus calls asking them to check an invoice, which is actually malware

» full story

Labor Department hackers more sophisticated than most

Security pro says attacks designed for further breaches, noting, 'They're not gathering this information and sending it home for no reason'

» full story

» View all Application Security articles

MORE GREAT APPLICATION SECURITY RESOURCES

Still hungry? Here are links to application security books, associations, and other information resources to help you find (and avoid) vulnerabilities and build secure software and websites.

The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws by Dafydd Stuttard (2011). On Amazon.com.
24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them by Michael Howard (2010). On Amazon.com
Gray Hat Hacking The Ethical Hackers Handbook, 3rd Edition by Allen Harper (2011). On Amazon.com.
OWASP, the Open Web Application Security Project.
BSIMM, the Building Security In Maturity Model.

Also see Application and software security certifications in CSOonline's Security Certification Directory.

APPLICATION SECURITY ESSENTIALS

In-depth information on tools and strategies for writing secure code, finding vulnerabilities, and other critical application security issues

10 steps to secure browsing
Holistic patch management, browser settings, filtering, and other tactics

Vulnerability management: The basics
5 key tenets for making the most of vulnerability management efforts

Software security for developers
Building security in, from the requirements phase through deployment

Software security for app dev managers
Building and managing a software security program that pays off

Security Analytics Video
At a time when security teams need to know literally everything that is going on in their infrastructure, how can your team utilize this information in the most efficient way possible and stay one step ahead of attackers?

» View All Application Security Webcasts

Application Security White Papers

Utility Storage: The Ideal Platform for Virtual and Cloud Computing
In this IDG Tech Dossier, learn how utility storage makes for massive consolidation, flexibility and scalability, so IT departments can reduce storage infrastructure and lower costs.
Big Data, Big Risks, Big Rewards
Secure Your Data Before it's Too Late
The Big Data Security Analytics Era Is Here
Security management must be based upon continuous monitoring and data analysis for situational awareness and data-driven security decisions. Organizations have entered the era of big data security analytics.
Transforming SIEM into A Warning System for Advanced Threats
Given the state of today's security systems, most organizations are a long way from using these types of advanced technologies for security management. Security professionals need to get more value from the data already collected and analyzed.
The CISO's Guide To Virtualization Security
Learn more.
The 10-Minute Guide to Cloud Encryption Gateways
How the CipherCloud Gateway Works

» View All Application Security White Papers

White Papers

Utility Storage: The Ideal Platform for Virtual and Cloud Computing

Big Data, Big Risks, Big Rewards

The Big Data Security Analytics Era Is Here

Transforming SIEM into A Warning System for Advanced Threats

The CISO's Guide To Virtualization Security

The 10-Minute Guide to Cloud Encryption Gateways

Deal With It: Protecting Data in the Cloud

Data loss prevention: Refreshing data security to meet an evolving threat environment

Two-Factor Authentication

DLP Is Not Just Good for Business, It's Vital for Business

Expert Help to Assess Your Data Loss Risks

Harvard Business Review: How Mobility is Changing the World

How Mobility is Changing the Enterprise

Mobile Commerce: The Path to Customer Engagement

How Mobility is Transforming Industries

Delivering on the Promise of Mobile ROI

BYOD Policy Guidebook

Forrester: Mobile is the New Face of Engagement

Best Practices for a Mobility Center of Excellence

Customer Profile: Bennet Jones LLP

More White Papers »

Application Security