Application Security

Application Security | News, how-tos, features, reviews, and videos

Review: How ShiftLeft catches vulnerabilities during code development

This combination traffic analysis tool and dynamic application security testing tool works with nearly any language and CI system, is very easy to use, and integrates directly into the development process.

RSA 2020: 7 trends and takeaways

Attendance down, costs up, and lots of tech talk

How Visa built its own container security solution

The homegrown solution takes advantage of the native capabilities that already exist on container orchestration platforms and is primarily built on top of open-source tools and libraries.

APIs are becoming a major target for credential stuffing attacks

New research shows that attackers use APIs to automate credential stuffing attacks. The financial sector is particularly vulnerable.

12 hottest new cybersecurity startups at RSA 2020

Cybersecurity startup companies use the RSA Conference to make their public debut and showcase their products. These are some of the more interesting startups coming out of stealth.

Cybersecurity spending trends, 2020

Spending is up, but perhaps not in the most needed areas; increased business leader involvement brings new challenges, while vertical industries have different requirements and priorities.

Cybersecurity in 2020: From secure code to defense in depth

CIO, Computerworld, CSO, InfoWorld, and Network World tackle the hot security issues, from prioritizing risk to securing digital transformation.

What is a buffer overflow? And how hackers exploit these vulnerabilities

A buffer overflow or overrun is a memory safety issue where a program does not properly check the boundaries of an allocated fixed-length memory buffer and writes more data than it can hold. This causes data to overflow to adjacent...

Sponsor Podcast Veracode

Frequency matters: the case for scanning early and often, part 2

Security debt, which is defined as aging and accumulating flaws in software, is a lot like credit card debt. You can throw money at the balance, but if you don’t stop spending, you’re never going to actually get out of debt. ...

Sponsor Podcast Veracode

Frequency matters: the case for scanning early and often, part 1

The latest Veracode State of Software Security report reveals that scanning early, often, and steadily helps you fix more flaws faster while not contributing to security debt. The report finds 56 percent of software flaws eventually...

Sponsor Podcast Veracode

AppSec grows up

AppSec awareness has grown in a decade. In Veracode’s State of Software Security report, Volume one, most of the conversation was around trying to explain and advocate for application security. Today, far less of that is necessary and...

Sponsor Podcast Veracode

Security debt across sectors: behind the numbers

According to the latest State of Security Software report from Veracode, the retail industry has the lowest average number of unaddressed security flaws. Government and education have the largest “iceberg” of security debt lurking...

Sponsor Podcast Veracode

Unresolved flaws: security debt grows deeper

The average number of days to fix software flaws was at 59 days in the first Veracode State of Software report from ten years ago. Today, it’s jumped to 171 days in the latest 2019 report. While typical median fix times haven't...

Sponsor Podcast Veracode

What’s behind most security debt

Security debt, defined as aging and accumulating flaws in software, is emerging as a significant pain point for organizations across industries. In this first episode of our second season of a Hard Look at Software Security,...

Inspecting TLS-encrypted traffic with mitmproxy

The free, open-source mitmproxy tool makes it easy to inspect TLS-encrypted app and web traffic to see exactly who your phone is talking to.

9 top fuzzing tools: Finding the weirdest application errors

Fuzz testing tools root out odd programming errors that might result in dangerous unexpected application errors that attackers can exploit.

8 common pen testing mistakes and how to avoid them

Penetration testing is vital, but are you doing it right? Here are some common mistakes and advice on how to avoid them.

What you need to know about the new OWASP API Security Top 10 list

APIs now account for 40% of the attack surface for all web-enabled apps. OWASP has identified 10 areas where enterprises can lower that risk.
