Application Security

Application Security news, information, and how-to advice

Leaked 1.4 billion credentials a risk to users and business

A more nuanced conversation is required to understand the risks that this interactive database poses to organizations.

Unraveling the truth about the NIST's new password guidelines

tl;dr: if you’re using a password manager, you should be in really good shape.

3 big application security trends of 2017

The application security headlines of the year 2017 seemed like more of the same grim news, but some appsec trends are reasons to be hopeful.

Is source code inspection a security risk? Maybe not, experts say

Some information security insiders raised a red flag when Russian requests to review security software code became known. The controversy may be a tempest in a teapot.

The modern security landscape is evolving: what you need to know

The emergence of apps, the cloud and other practices requires rethinking security.


Calling Barracuda's WAF a firewall is seriously selling it short

The Barracuda Web Application Firewall (WAF) is more than a firewall; it's like the core of an independent bastion of cybersecurity, able to inspect both inbound and outgoing traffic.

GitHub’s new security scanner

A new service from GitHub is going to change how we build software. Again.

Acute cybersecurity skills shortage areas

Security analysts/investigators, application security specialists, and cloud security skills top a long list of skills deficits.

Research confirms the cybersecurity skills shortage is an existential threat

ESG research with ISSA shows that organizations don’t have the right levels of cybersecurity personnel, skills and ongoing training to keep up with cyber risk.

Application security: what’s working

There are a lot of ways that companies are missing the mark on AppSec, but there are a lot of ways they aren’t, and we can learn a lot from those that are doing it right.

Build an ultra-secure Microsoft Exchange Server

Yes, it's possible to do a Microsoft Exchange Server deployment that is secure enough for all but the most sensitive information. Here's how to do it.


3 ways to avoid Slack attacks

A potential new cybersecurity threat: hacks through Slack.

How XebiaLabs brings order and efficiency to DevOps projects

DevOps is a hot topic in security these days, and for good reason: Software security flaws are often only discovered after an attacker has exploited them, which can cause huge losses of both data and revenue. Here's a look at how...

Digital transformation: securing customer-centric initiatives

Organizations have a focus around improving the customer experience in every aspect of the customer journey. Often called “digital transformation,” this evolution is focused on modernizing tools and processes within an organization.

Google Advanced Protection Program protects high-risk users from hacks

Google Advanced Protection Program requires physical keys to access a Google account, protects against phishing, and blocks fraudulent.

NIST Cybersecurity Framework not just for large organizations

Small and mid-sized businesses are most at risk and so have greater need.

Creating a secure development culture

Focusing on culture might be the most important thing an organization can do when developing secure software.

Shadow cloud apps pose unseen risks

When individuals and departments bypass IT to acquire cloud services and apps, IT and security teams are blind to the security vulnerabilities and compliance issues they present.

Is 'secure open source component use' an oxymoron?

Component use in development isn’t going away, and neither is its accompanying risk.

5 signs that your software probably isn't secure

Software that is sloppily written probably isn't very secure. Here are some things to look for.
