Application Security

Application Security | News, how-tos, features, reviews, and videos

security bug

Feature

What is a chaff bug? How adding bugs to apps may make them more secure

Researchers at NYU have developed a technique to add inert bugs in code to deter hackers. But could it work in reality?

Black Hat 2015

Feature

The CSO guide to top security conferences, 2018-19

CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

orange monitors with lock icon network security cyber threat

AppSec 2.0By Amir Jerbi
IDG Contributor Network

The thin host to serverless model is radically realigning your security responsibilities

This is good news as infrastructure and network security oversight transfers to your cloud provider.

two tiny figures study dashed lines with arrows indicating different directions or paths

Feature

Secrets of 'shift left' success

The shift left movement is about bringing security into the software development cycle earlier through DevSecOps and other changes, yielding more secure software more quickly and at lower costs.

password security - locked mobile phone in hand shows lockscreen

Next Gen AuthenticationBy George Avetisov
IDG Contributor Network

Does the answer to better security lie in password-less experiences?

Truly password-less authentication that lets users control personal details is key to avoid identity theft and data breaches.

bucket with holes breach security vulnerability

News Analysis

Reevaluate "low-risk" PHP unserialization vulnerabilities, researcher says

Over nearly a decade, PHP unserialization vulnerabilities have become a popular route for cyber-criminals to plant remote code execution or deliver other malware into systems. But new research, introduced at Black Hat this month,...

mobile phone payment

Payment Security TrendsBy Ruston Miles
IDG Contributor Network

What’s next in payment security?

The three fundamental changes that every card-accepting business and payment solution provider must know.

cloud computing - connections - apps - network

Secure EnterpriseBy Gerry Gebel
IDG Contributor Network

Securing continuous deployment for applications in the cloud

Container orchestration tools lack the necessary security controls but attribute based access control (ABAC) can help.

google cloud services

Cybersecurity SnippetsBy Jon Oltsik

Google intends to make GCP the most secure cloud platform

If Google wants the world to know how secure Google Cloud Platform is and increase adoption, it must educate the market and turn up the competitive fire.

cloud security ts

Feature

How do you secure the cloud? New data points a way

New reports show big differences in risk among public, private, and hybrid cloud deployments. Here’s advice on the tools, information, and organizational structure needed to execute a successful cloud security strategy.

cwan 013 6securityreasons win10

video

6 security reasons to upgrade to Windows 10

From advanced authentication to new privacy controls, Windows 10 offers users solid security reasons to upgrade.

salted hash thumbnail multi final

video

Don't ignore application security | Salted Hash Ep 35

In this episode, Michael Feiertag, CEO and co-founder of tCell, joins host Steve Ragan to talk about why application security is more critical than ever and why it's just now getting more attention from security teams.

runners at starting line

Feature

5 tips for getting started with DevSecOps

Don't be fooled, integrating security into the DevOps process is a big project. But the payoff is worth the effort. Here's what you need to know to get started building DevSecOps from the ground up.

eye binary IDS Intrusion Detection System

Risk AwarenessBy Robert C. Covington

Cybersecurity operations: Don't wait for the alert

An SOC is a useful part of our cybersecurity arsenal, but its main benefit will be in helping to minimize damage from an issue that has already happened. A strong investigative team, on the other hand, can help to identify and resolve...

emerging tech ai machine learning

Feature

Security and new technology: How one company faced the unknown

A move to a pure cloud strategy at the London Stock Exchange Group forced a new security mindset. Here's how the LSEG's CISO faced the challenge.

salted hash thumbnail final

video

The difference between red team engagements and vulnerability assessments | Salted Hash Ep 34

In this episode, host Steve Ragan talks with Phil Grimes, Professional Services Lead at RedLegg, about the challenges of educating customers — and building a partnership with them — to create successful red team engagements.

futuristic user interface - smart city - digital transformation

Feature

For strong API security, you need a program not a piecemeal approach

When designed and managed properly, APIs can be less problematic than traditional integration methods and can actually increase an organization's security posture.

Lego wall breakthrough

AppSec 2.0By Amir Jerbi
IDG Contributor Network

Does DevSecOps eliminate the segregation of duties between security and DevOps?

Yes, some cloud-native application development tools include basic security features. No, that does not mean DevOps should “own” security.

Load More

Popular Resources

White Paper

Say Hello to The Software-defined Perimeter (SDP)
White Paper

Forbes/VMware: The Impact of a Digitally Empowered Workforce
White Paper

A Manufacturer's Guide to Growing Profitably
White Paper

Close Security Gap with Protection at the Software and Hardware Levels
White Paper

Automated Process Discovery replaces Process Mining

See All

Most Popular

BrandPosts

Sponsored by CA Veracode

How to Make Application Security a Competitive Advantage - Webinar
Sponsored by Fortinet

The Value of Third Party Testing

Sponsored Links