Application Security

Application Security | News, how-tos, features, reviews, and videos

cloud apps

Feature

Cloud functions present new security challenges

Cloud functions, or serverless apps, are small, fast and pop in and out of existence. So, how do you secure them?

blue padlock in circle pixels digital security padlock

Secure EnterpriseBy Gerry Gebel
IDG Contributor Network

When security and privacy overrule convenience

Organizations can enable end-to-end API security with OAuth, OpenID Connect and ABAC.

data protection

Ahead of the ThreatBy Isaac Kohen
IDG Contributor Network

Cybersecurity outlook: data protection takes center stage

From an ever-increasing uptick in data breaches to the rise of Cybercrime-as-a-Service, data protection will continue to be top of mind for CIOs and their teams through 2018 and beyond.

tools drill bits toolkit tookapic free cc0 via pexels binary thinkstock

Feature

24 best free security tools

Check out these 24 free, standout software tools that will make your daily security work easier.

24 best free security tools

Check out these 24 free, standout software tools that will make your daily security work easier.

containers port ship boat

Cybersecurity SnippetsBy Jon Oltsik

Containers are here. What about container security?

ESG data indicates that cybersecurity pros have problems around the nuances of container technology and implementing container-centric security controls.

passwords

Future IdentityBy Susan Morrow
IDG Contributor Network

Will WebAuthn replace passwords or not?

Or, the password is dead – long live the password.

security

The Security MeltdownBy Ben Rothke
IDG Contributor Network

RSA 2018 conference recap

Memories from the greatest information security show on earth.

cubes - blocks - squares - containers - storage - repository

Focus on Container SecurityBy David Lawrence
IDG Contributor Network

Fact vs. fiction: 6 myths about container security

Quell these myths to find default security and secure coding at the heart of well-architected containers.

email bullseye with three red arrows

Salted Hash- Top security newsBy Steve Ragan

Researchers warn PGP and S/MIME users of serious vulnerabilities

A professor at Münster University issued a warning on Sunday about serious vulnerabilities in PGP and S/MIME – two widely-used methods for encrypting email – which, if exploited, could reveal plain text communications. The issue also...

cowboy shootout

Secure from the StartBy Chris Wysopal
IDG Contributor Network

The good, the bad & the ugly of using open source code components

Component use in development is here to stay. But so are the vulnerabilities lurking in these code snippets. What do developers think about this? Are they concerned, are they frustrated? What’s their take on this problem? We recently...

agile devops

Feature

How lean development improved software security at Fannie Mae

Continual improvement methodologies strengthen security, shorten dev cycles and help the c-suite see infosec’s value.

rsa conference 2017

Cybersecurity SnippetsBy Jon Oltsik

Quick take-aways from the RSA Security Conference

Last week's RSA Security Conference had good discussions and industry focus, but there was too much hype -- and there's lots of work ahead.

4 shock stunned fear

Security From The Upside DownBy Mitchell Parker
IDG Contributor Network

Negative motivation is not positive engagement

The barrage of fearmongering and FOMO over social media and advertising leads to a vicious cycle of negative engagement that builds anger and frustration that can’t be addressed by buying new products. We can break the cycle through...

security

An Eye On IdentityBy Amir Jerbi
IDG Contributor Network

Left-shifting enterprise appsec: what we can learn from mobile app developers

Multiple, concurrent innovations in enterprise application development present the opportunity to improve application security by “left-shifting” it to the beginning (and throughout) the dev cycle. Mobile app developers have to a...

01 hot products at rsa 2018

Slideshow

Hottest cybersecurity products at RSA 2018

Here's a quick run-down of some of the new products announced at the conference, or shown there for the first time.

Security & ForensicsBy Paul Shomo
IDG Contributor Network

Law enforcement uses anti-virus software to recover suspect's web history

Let’s mainstream the idea that privacy is almost impossible in the face of digital forensics. Avast AV leaving behind a private browsing database, is a shocking illustration of this.

CSO slideshow - Insider Security Breaches - Weak link breaks among a larger chain in a network

Security IntelligenceBy Zeus Kerravala

Microsegmentation evolves into a compensating control security tool

Illumio integrates Qualys data into its security platform to provide real-time vulnerability maps, enabling organizations to implement microsegmentation as a compensating control.

patch

Feature

6 steps for a solid patch management process

Patch management is simply the practice of updating software – most often to address vulnerabilities. Although this sounds straightforward, patch management is not an easy process for most IT organizations. Here are the steps you need...

fact fiction debunk myths truth

Feature

5 myths of API security

In light of Panera Bread’s API-related data breach, here what is — and isn’t — true about protecting application programming interfaces.

Load More

Popular Resources

eBook
Sponsored

Introduction to XtremIO Metadata-Aware Replication
White Paper

How to Simplify IT for Effective Digital Transformation
Research/Infographic
Sponsored

Infographic: Modernizing Enterprise IT, Motivators and Challenges
Video/Webcast
Sponsored

Out with the Old, In with the New - The tease that is software automation & devops
White Paper

Managing Risk

See All

Most Popular

BrandPosts

Sponsored by CA Veracode

How to Make Application Security a Competitive Advantage - Webinar
Sponsored by Fortinet

The Value of Third Party Testing

Sponsored Links