Blog Posts Tagged with "Application Security"
June 14, 2011 Added by:Kelly Colgan
As our smartphones have become our wallets and personal computers, holding everything from banking to social network information, they’ve become targets for hackers, scammers and criminals. Our phones hold a treasure trove of data—and the bad guys know it...
June 13, 2011 Added by:Headlines
"It [Plankton] has the ability to remotely access a command-and-control [C&C] server for instructions, and upload additional payloads. It uses a very stealthy method to push any malware it wants to phone... This is pretty serious..."
June 10, 2011 Added by:Rafal Los
Being able to tie exploitable issues in a running application to source code is the Holy Grail of security testing... but it's unlikely you'll get good adoption and success if you're trying to hand a bunch of developers black-box security testing technology...
June 08, 2011 Added by:Danny Lieberman
We all use the term ”IT Governance” as if security of data was dependent on policy. Since we have lots of IT governance and lots of data breaches, we may safely assume that writing procedures while the hackers attack software and steal data is not an effective security countermeasure...
June 06, 2011 Added by:Bozidar Spirovski
Security incidents come in all shapes and sizes. They can affect availability, confidentiality or integrity. Shortinfosec organized a Linkedin poll to observe the opinions of the professionals on what are the sources of security incident that they deem most frequent...
June 01, 2011 Added by:Robb Reck
Information security works differently than IT. Rather than focusing on how to build a system that can meet a requirement, the security-minded will focus on how to build a system that cannot do anything but meet a requirement. The difference is subtle, but critically important...
May 26, 2011 Added by:Robert Siciliano
The Payment Card Industry Standards Council is not yet granting approval to any mobile payment applications. With the explosive growth of the mobile payment industry, they are holding off and waiting to see which technologies rise to the top...
May 25, 2011 Added by:Rafal Los
Can you handle the work it would take to ratchet up security on your applications? If you've got more than a dozen applications with more then 5 in the pipeline, you can figure on a single non-dedicated resource being able to handle one application security test per week, tops...
May 23, 2011 Added by:Rafal Los
Sadly, as your privacy shrinks - or as you give more and more of it away - the possibility of that crazy night in "Sin City" will follow you not just to work on Monday, but maybe to the next time a hacker is trying to penetrate your applications attack surface...
May 19, 2011 Added by:Brent Huston
Today, you have a plethora of code review automation tools and source code scanners. These tools make an easy way to pick the low hanging (and sometimes higher) vulnerabilities out of your code long before it is exposed to malicious outsider/insider contact...
May 17, 2011 Added by:Rafal Los
I've spent several meetings in the last few months reminding people that even though they perform security testing and validation of their apps before they deploy they're leaving those apps running, in some cases for years, without looking back in on them. This is a bad thing...
May 16, 2011 Added by:Headlines
"Google has removed the offending apps, published by "zsone," from the official Android Market, but researchers at the security firm Kaspersky Lab said it's possible the malware, classified as a Trojan because it hides inside software, affects more than the 11 apps AegisLab found..."
May 13, 2011 Added by:Alexander Rothacker
ERP applications are attractive targets because this software is present in all major organizations and across the whole enterprise. The backend database of these systems usually contains customer data and key company secrets, such as the logic for business processes...
May 12, 2011 Added by:kapil assudani
Determining the security profile of an application is a very involved and complicated process – one needs to understand the business logic of the application, its integration with other applications and the security profile of the context this application interacts with...
May 11, 2011 Added by:Rafal Los
While the blistering speed of application development and deployment may enable the business to be more agile and responsive to the changing business climate than ever, it creates unparalleled challenges for anyone with security as part of their job description...
May 08, 2011 Added by:Rafal Los
A solid Software Security Assurance program takes into consideration the legacy risks from all the applications that have existed before a security program came into being. The issues that surround legacy applications are complex, and can create headaches for security teams...
Student Pleads Guilty to Counterfeiting Coup... on 06-18-2013
Starting to Clean Up the Mess from PCAnywher... Peggy Patterson on 06-18-2013