Application Security

15 open source GitHub projects for security pros

GitHub has a ton of open-source options for security professionals, with new entries every day. Add these tools to your collection and work smarter.

21 best free security tools

Check out these free, standout software tools that will make your daily security work easier, whether it's pen-testing, OSINT, vulnerability assessment, or more.

7 most common ways to fail at DevSecOps

DevSecOps initiatives are fraught with peril and require careful consideration of culture, learning, process and business needs. Here's how companies tend to fail in those areas.

4 steps to better security hygiene and posture management

Increasing scale and complexity have made keeping up with security hygiene and posture management cumbersome and error-prone, leaving organizations exposed. Here's what leading CISOs are doing to close the gap.

PHP backdoor attempt shows need for better code authenticity verification

Attackers were able to place malicious code in the PHP central code repository by impersonating key developers, forcing changes to the PHP Group's infrastructure.

5 tips for a successful penetration testing program

Proper preparation is key to finding the real weaknesses and vulnerabilities in your network through a pentest. These are the five things you need to do before starting.

New free software signing service aims to strengthen open-source ecosystem

The Linux Foundation's sigstore code-signing software, developed with Google, Red Hat and Purdue University, will help prevent attacks on the software supply chain.

Cybersecurity in 2021: Stopping the madness

The challenges are greater than ever. But security pros have learned a lot – and with luck, the right strategic defenses can help even the highest-value targets withstand severe attacks.

Dependency confusion explained: Another risk when using open-source repositories

Dependency confusion is a newly discovered logic flaw in the default way software development tools pull third-party packages from public and private repositories. Here's what you need to know.

Top 7 security mistakes when migrating to cloud-based apps

As organizations rush key apps to the cloud to support remote workers, they often create opportunities for attackers. These are the most common mistakes to avoid.

The 15 biggest data breaches of the 21st century

Data breaches affecting millions of users are far too common. Here are some of the biggest, baddest breaches in recent memory.

Half of all Docker Hub images have at least one critical vulnerability

New research reveals the scale at which criminals have exploited public open-source Docker repositories to plant malware among container images.

How secure are your AI and machine learning projects?

Artificial intelligence and machine learning bring new vulnerabilities along with their benefits. Here's how experts minimized their risk.

14 controls for securing SAP systems in the cloud

Organizations often don't follow security best practices when deploying and managing complex SAP systems. This set of security controls from the Cloud Security Alliance aims to change that.

Half of all virtual appliances have outdated software and serious vulnerabilities

New study shows that even security vendors can use outdated and vulnerable virtual appliances. Top advice: Make sure your vulnerability management processes include virtual appliances.

Silo for Safe Access: A more secure web browser for some use cases

Authentic8's Silo is a sandboxed web browser designed to protect users and systems from malicious code. It can be a more secure option than VPNs or virtual desktops in some cases.

Preparing for Flash and Office 2010 end-of-life

The imminent end of Microsoft's support for Adobe Flash is a good excuse to see what other end-of-life applications running on your Windows network could leave you vulnerable.

What is application security? A process and tools for securing software

Application security is the process of making apps more secure by finding, fixing, and enhancing the security of apps. Checking for security flaws in your applications is essential as threats become more potent and prevalent.
