Application Security

Application Security news, information, and how-to advice

protection privacy locks security cybersecurity
email iot internet security

Windows logo overlaying hand with band-aid patch

A patch in time saved nine

In today’s Windows environment, things are changing, and the old cliches may no longer be true.

23922465470 fe3c8b8cdf o

The 17 biggest data breaches of the 21st century

Security practitioners weigh in on the 17 worst data breaches in recent memory.

cyber security lock secure security

How devsecops protects appsec from the cybersecurity skills gap

DevSecOps may not be a 100% solution for cybersecurity skills shortage, but it can make it less of a concern in the AppSec realm.

Black Hat 2015

The CSO guide to top security conferences

CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

oneplus 5t dual camera

OnePlus says up to 40,000 customers affected by credit card breach

OnePlus, the company behind a popular line of Android devices, said on Friday that up to 40,000 customers might be at risk after a malicious script compromised payment card data during the checkout process.

cloud security ts

How do you secure the cloud? New data points a way

Two new reports show big differences in risk among public, private, and hybrid cloud deployments. Here’s advice on the tools, information, and organizational structure needed to execute a successful cloud security strategy.

checklist project

Rating software security Consumer Reports-style

The Cyber Independent Testing Lab (CITL) is fuzzing binaries at scale and building a checklist of compile-time security best practices.

istock 689775010

5 steps to boost your application security testing ROI

Even in the era of AI hype, spending more does not necessarily means spending wiser.

email iot internet security

Email security in 2018

Things are going to get even crazier...

sequence 01.00 10 50 27.still002
video

Are mass transit systems the next cybersecurity target? | Salted Hash Ep 14

Host Steve Ragan talks with Stan Engelbrecht, director of the cybersecurity practice at D3 Security, about the inherent flaws in security defenses for public transportation systems -- and what can be done.

Tablet with lock showing secure encryption

The battle to secure the digital environment

A true, multi-faceted digital risk management program takes a proactive approach to cleaning up corporate websites, while securing the corporate risk posture and protecting customers.

plastic soldiers

Open source software security challenges persist, but the risk can be managed

Using open source components saves developers time and companies money. In other words, it's here to stay. Here's a look at what it will take to improve open source security.

meltdown spectre

In the aftermath of yet another Meltdown, no secrets are safe

Meltdown and Spectre reveal that perfect information protection comes at an increasingly steep cost.

raining data on keyboard programming developer code

What is DevSecOps? Developing more secure applications

DevSecOps is about introducing security earlier in the life cycle of application development, thus minimizing vulnerabilities and bringing security closer to IT and business objectives.

cssh 013.00 22 53 39.still001
video

DJI's bounty problems and video surveillance programs | Salted Hash Ep 13

Host Steve Ragan unpacks the latest news about Chinese company DJI's bug bounty program, plus new developments in video surveillance and more, with Fahmida Rashid.

futuristic user interface - smart city - digital transformation

For strong API security, you need a program not a piecemeal approach

When designed and managed properly, APIs can be less problematic than traditional integration methods and can actually increase an organization's security posture.

meltdown spectre

Spectre and Meltdown: What you need to know going forward

As you've likely heard by now, there are some problems with Intel, AMD, and ARM processors. Called Meltdown and Spectre, the discovered attack possibilities are rather severe, as they impact pretty much every technical device on the...

danger unaware ts

Awareness training has failed us

And if awareness isn’t enough, is it time to look at our problems in a new way?

Load More
You Might Also Like