Blog Posts Tagged with "Web Application Security"

306708aaf995cf6a77d3083885b60907

Infographic: Keeping Web Applications Safe

May 09, 2013 Added by:Mike Lennon

Continuing the security industry trend of publishing infographics, the folks at Enterprise Strategy Group published an infographic that illustrates some of the challenges associated with web application security.

Comments  (2)

68b48711426f3b082ab24e5746a66b36

Automation, Dog Food and a Security State of Mind

January 20, 2013 Added by:Fergal Glynn

As a developer, I don’t focus on is security. I usually get the security correct, but my main goal is making all the parts work together well. And that’s true of most developers most of the time...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Java in the Cross-Hairs of Enterprise Security

September 26, 2012 Added by:Rafal Los

Enterprises seem to have a love-hate relationship with Java. It's a client we aren't thrilled with, but when it comes to cross-platform use there aren't really any other alternatives. If you look around you'll find that many of the security platforms are written in what? Java...

Comments  (0)

32137b352537f11c1efe063869f00e0e

Java, Flash, and the Choice of Usability Over Security

September 10, 2012 Added by:Le Grecs

Convenience vs. Security: My goal of not installing Flash and Java on a new system didn't last more than a few hours. Yet, as infosec professionals, following the disable unnecessary services philosophy, we advise not installing these types of applications for security reasons...

Comments  (0)

Ebe141392ea3ebf96ba918c780ea1ebe

The OTHER Problem with Passwords

August 29, 2012 Added by:Wendy Nather

Organizations are motivated to prioritize ease of use over security if they feel their target audience won't be able to use advanced features without support. The result is that the password reset process to an address of record is the easiest way to get into an account. And of course attackers know this too...

Comments  (1)

7fef78c47060974e0b8392e305f0daf0

Chimps With Guns and the Bloggers Who Give Them Ammo

August 02, 2012 Added by:Infosec Island Admin

One must know the technology and the problems with it before using it cognizantly. This unfortunately is not the case in what is being advocated by Quinn Norton on Wired with regard to Cryptocat. Specifically where she makes declamations about overthrowing governments with things like untested crypto schemes...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Thousands of Sites Hacked with Plesk Zero Day Exploit

July 10, 2012 Added by:Headlines

"What is interesting is that most of our clients always used to be using CMSs (like WordPress, Joomla, etc), but lately we are seeing such a large number of just plain HTML sites getting compromised and when we look deeper, they are always using Plesk..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Despite Breach Trends - Website Vulnerabilities Decrease

July 02, 2012 Added by:Headlines

"Despite the plethora of recent breach headlines, websites could in fact be getting... less vulnerable... The time for using 'No one would want to attack us' as a security strategy is clearly over, if it was ever true to begin with. Any company doing business online has something worth hacking into..."

Comments  (1)

Af9c34417f8e5e0d240850bb353b5d40

In Secure Programming, the Documentation Matters Too

June 28, 2012 Added by:Keith Mendoza

Some will argue that using the documentation is a cop out; that it's more of a liability protection than "secure programming". I would argue that the documentation should be part of the "secure programming" practice because it makes it clear to everyone what they should expect from the application...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Building Secure Web Applications: An Infographic

June 14, 2012 Added by:Fergal Glynn

Neglecting to take security measures at the application layer is one of the most common causes of data breaches, yet many companies still leave their applications unprotected. Securing applications begins with developer training on the risks applications face and methods required for vulnerability prevention...

Comments  (0)

C4363f41d25c216c53c8d71a1ac44a90

Facebook "Like" Button = Privacy Violation + Security Risk

May 21, 2012 Added by:Matthijs R. Koot

If you walk into a store, would you appreciate it if the owner phoned a random stranger to tell them? Probably not. Yet every time I visit a website that has a Facebook `Like'-button, my browser discloses that visit to Facebook, despite the fact that I do not have a Facebook profile...

Comments  (3)

68b48711426f3b082ab24e5746a66b36

Guide to the OWASP Application Security Top Ten

May 01, 2012 Added by:Fergal Glynn

Operating as a community of like-minded professionals, OWASP issues software tools and knowledge-based documentation on application security. All of its articles, methodologies and technologies are made available free of charge to the public...

Comments  (0)

48f758be63686a73484a7380e94f73d0

Vulnerability Remediation: No More Traffic Signals

March 22, 2012 Added by:Ed Bellis

When you dig into the issue of prioritization it can be complex. Adding to the complexity, factors are often different from organization to organization. I am all for breaking things down to their simplest parts by obfuscating the complex factors, not by eliminating them...

Comments  (2)

3071bd3c5c013c8c3defcccad0259c16

Reaching for the Cloud: A Contemporary Infosec Perspective

March 21, 2012 Added by:Hani Banayoti

We need to entrust information security to professionals who not only know the fundamental principles and technologies, but are also able to understand and support the business's goals in order to influence and contribute positively to the ongoing infosec challenge...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Applications vs. the Web: Enemy or Friend?

March 16, 2012 Added by:Danny Lieberman

A minimum of two languages on the server side (PHP, SQL) and three on the client side (Javascript, HTML, CSS) turns developers into frequent searchers for answers on the Internet driving up the frequency of software defects relative to a single language development platform...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

The Need for Advancements in Browser Based Security

March 08, 2012 Added by:Headlines

"Data protection is fast becoming a product and service differentiator. It is incumbent on business leaders to take a holistic view of these issues and understand how they are undermining consumer trust. Now is the time for businesses to make data protection a priority..."

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »