Application Security

Application Security | News, how-tos, features, reviews, and videos

Triangular alert with exclamation mark amid abstract binary and sketches of scattered books.
Feature

Dependency confusion explained: Another risk when using open-source repositories

conference / convention / audience / applause / clapping
Feature

The CSO guide to top security conferences, 2020

digital cloud computing cyber security digital data network future picture id1216520824
Feature

Top 7 security mistakes when migrating to cloud-based apps

As organizations rush key apps to the cloud to support remote workers, they often create opportunities for attackers. These are the most common mistakes to avoid.

lock circuit board bullet hole computer security breach
Analysis

The 15 biggest data breaches of the 21st century

Data breaches affecting millions of users are far too common. Here are some of the biggest, baddest breaches in recent memory.

cubes - blocks - squares - containers - storage - repository
News Analysis

Half of all Docker Hub images have at least one critical vulnerability

New research reveals the scale at which criminals have exploited public open-source Docker repositories to plant malware among container images.

cso ts ai ml by just super getty images 2400x1600
Feature

How secure are your AI and machine learning projects?

Artificial intelligence and machine learning bring new vulnerabilities along with their benefits. Here's how experts minimized their risk.

tools drill bits toolkit tookapic free cc0 via pexels binary thinkstock
Feature

21 best free security tools

Check out these free, standout software tools that will make your daily security work easier.

cybersecurity controls
Feature

14 controls for securing SAP systems in the cloud

Organizations often don't follow security best practices when deploying and managing complex SAP systems. This set of security controls from the Cloud Security Alliance aims to change that.

One lock in a series is unlocked / weakness / vulnerability
News Analysis

Half of all virtual appliances have outdated software and serious vulnerabilities

New study shows that even security vendors can use outdated and vulnerable virtual appliances. Top advice: Make sure your vulnerability management processes include virtual appliances.

internet web browser https / url address bar
Review

Silo for Safe Access: A more secure web browser for some use cases

Authentic8's Silo is a sandboxed web browser designed to protect users and systems from malicious code. It can be a more secure option than VPNs or virtual desktops in some cases.

RIP - grave - tombstone - cemetery - death [Image by Rob van der Meijden - CC0 via Pixabay]
Feature

Preparing for Flash and Office 2010 end-of-life

The imminent end of Microsoft's support for Adobe Flash is a good excuse to see what other end-of-life applications running on your Windows network could leave you vulnerable.

Application security > Software code + data protected with a lock
Feature

What is application security? A process and tools for securing software

Application security is the process of making apps more secure by finding, fixing, and enhancing the security of apps. Checking for security flaws in your applications is essential as threats become more potent and prevalent.

dark secrets of devops code secret quiet by kristina flour unsplash
News Analysis

The state of application security: What the statistics tell us

Companies are moving toward a DevSecOps approach to application development, but problems remain with security testing ownership and open-source code vulnerabilities.

open box / abstract code / open-source code
Feature

4 best practices to avoid vulnerabilities in open-source code

Open-source code in public repositories might contain malware or unintentional vulnerabilities. Here's how to best manage finding and mitigating potential problems.

binary data inside of a safe / secure containerization
Feature

9 container security tools, and why you need them

Most traditional security tools won't help with protecting container data and images. These options were built specifically for container security.

raining data on keyboard programming developer code
Feature

What is DevSecOps? Why it's hard to do well

DevSecOps is about introducing security earlier in the life cycle of application development, thus minimizing vulnerabilities and bringing security closer to IT and business objectives.

cloud security shield with checkmark / cloud / digital connections / cloud security expert / CASB
Feature

How do you secure the cloud? New data points a way

New reports show big differences in risk among public, private and hybrid cloud deployments. Here’s advice on the tools, information and organizational structure needed to execute a successful cloud security strategy.

A rusty old lock hangs open amid the flow of binary code.
Feature

Skipped patch from 2012 makes old Microsoft Office systems a favored target

Some organizations have still not implemented an Office patch from 2012. Attackers know this and are exploiting the vulnerability.

COVID-19 contact tracing app
News Analysis

4 critical issues surrounding contact-tracing apps

As countries rush to release contact-tracing apps, experts fear a lack of security and privacy controls.

Number six, painted on a door with a lock with abstract overlay of digital containers.
Feature

6 common container security mistakes to avoid

Containers are a secure way to deploy applications and services, but only if you use them properly. Here's how.

Load More