Application Security

Application Security | News, how-tos, features, reviews, and videos

How do you secure the cloud? New data points a way

New reports show big differences in risk among public, private, and hybrid cloud deployments. Here’s advice on the tools, information, and organizational structure needed to execute a successful cloud security strategy.

The good, the bad & the ugly of using open source code components

Component use in development is here to stay. But so are the vulnerabilities lurking in these code snippets. What do developers think about this? Are they concerned, are they frustrated? What’s their take on this problem? We recently...

How lean development improved software security at Fannie Mae

Continual improvement methodologies strengthen security, shorten dev cycles and help the C-suite see infosec’s value.

Quick take-aways from the RSA Security Conference

Last week's RSA Security Conference had good discussions and industry focus, but there was too much hype -- and there's lots of work ahead.

Negative motivation is not positive engagement

The barrage of fearmongering and FOMO over social media and advertising leads to a vicious cycle of negative engagement that builds anger and frustration that can’t be addressed by buying new products. We can break the cycle through...

Left-shifting enterprise appsec: what we can learn from mobile app developers

Multiple, concurrent innovations in enterprise application development present the opportunity to improve application security by “left-shifting” it to the beginning of (and throughout) the dev cycle. Mobile app developers have to a...

Hottest cybersecurity products at RSA 2018

Here's a quick run-down of some of the new products announced at the conference, or shown there for the first time.

Law enforcement uses anti-virus software to recover suspect's web history

Let’s mainstream the idea that privacy is almost impossible in the face of digital forensics. Avast AV leaving behind a private browsing database is a shocking illustration of this.

Microsegmentation evolves into a compensating control security tool

Illumio integrates Qualys data into its security platform to provide real-time vulnerability maps, enabling organizations to implement microsegmentation as a compensating control.

6 steps for a solid patch management process

Patch management is simply the practice of updating software – most often to address vulnerabilities. Although this sounds straightforward, patch management is not an easy process for most IT organizations. Here are the steps you need...

5 myths of API security

In light of Panera Bread’s API-related data breach, here's what is — and isn’t — true about protecting application programming interfaces.

Open source software security challenges persist

Using open source components saves developers time and companies money. In other words, it's here to stay. Here's a look at what it will take to improve open source security.

Keep your mobile workforce safe: understand the threats

As you review your mobile security strategy, make sure the solutions you choose shield devices from infected apps, man-in-the-middle attacks, OS exploits, malicious links in SMS messages and other exploits.

What is security’s role in digital transformation?

Digital transformation is front of mind for many senior executives, but too often security is left behind.

Nuance says NotPetya attack led to $92 million in lost revenue

Nuance Communications, a software company that offers speech and imaging technology to a number of markets, including healthcare and finance, said the 2017 NotPetya malware attacks caused the company to lose $92 million in revenue,...

What is SQL injection? This oldie but goodie can make your web applications hurt

SQL injection attacks are well-understood and easily preventable, and the priority for risk mitigation should be preventing SQL injection attacks in the first place. Listen to Little Bobby Tables and sanitize your database inputs.

5 tips to help you block ransomware

Learn about best practices to combat the threat of ransomware.

How Contrast Security protects applications from the inside out

Contrast Security has one of the most elegant solutions out there for application security. We can see why it scored 100 percent on the OWASP Security Benchmark.

Endpoint security suites must have these features

Endpoint security vendors must be a one-stop endpoint security shop -- providing such things as anti-malware, anti-exploit, EDR and hybrid deployment options -- if they want to compete.

The life and death of a document: where did it really go?

As the Moody Blues would say, what became of that letter you never meant to send?