Web App Security

18d2ccc39431a1f63d67dd3252263400

The Hidden Security Risks of Cloud APIs

December 02, 2016 Added by:Sam Rehman

With the inherent security flaws taken care of, cloud software can take full advantage of the benefits of APIs without exposing themselves or their clients to attack.

Comments  (0)

591c39c65cf5c298ccd0f1cd5818e961

Differential Privacy vs. End-to-end Encryption – It’s Privacy vs. Privacy!

October 12, 2016 Added by:Vanishree Rao

While differential privacy is a promising tool, implementing and deploying it while retaining the privacy of end-to-end encryption is challenging.

Comments  (0)

3dd71538193c3acd65ec65f95a45ac0b

What Is ID and Verification and Why Is It Such an Integral Part of Digital Life?

September 23, 2016 Added by:David Poole

ID&V is part of our lives and while there might be complaints about the inconvenience that obtrusive security plays in digital commerce, it is still an improvement on how things used to be.

Comments  (0)

0133c663c244df033c2eeb2248dfee32

What Elements Are Needed for Security Analytics Success?

August 23, 2016 Added by:Mike Paquette

Not all security analytics solutions are created equal. There are five key characteristics critically important to ensuring that your security analytics are effective and capable of stopping today’s advanced threats.

Comments  (0)

459a952dc77e8d9757246964dee7fd18

Pragmatic Steps to Manage File Data Leakage Risks

August 18, 2016 Added by:Scott Gordon

Next generation F-DRM solutions offer an effective and flexible technical control that can be applied today to reduce file data leakage risks across different infrastructure, collaboration methods, user types and business requirements.

Comments  (0)

7d55c20d433dd60022642d3ab77b8efb

SAP Cyber Threat Intelligence Report – August 2016

August 11, 2016 Added by:Alexander Polyakov

SAP has released the monthly critical patch update for August 2016. This patch update closes 30 vulnerabilities in SAP products including 26 SAP Security Patch Day Notes and 4 Support Package Notes.

Comments  (0)

Bff69da3ab11dd09027195fd431c4b09

Exploit Kits: Infiltrating the Ad Industry with Traditional Tactics

August 11, 2016 Added by:Karl Sigler

Exploit kits are increasingly using the evil twin of an advertisement, a malvertisement, as a gateway to a web browser.

Comments  (0)

Ad62dd51cf8a9e3d667bcdd92d493ccc

One Encryption Backdoor Is One Too Many

August 11, 2016 Added by:Joe Levy

Although the FBI no longer needs to force Apple to unlock an iPhone that belonged to one of the San Bernardino terrorists, the debate must continue. Strong encryption that cannot be exploited by external or internal actors is a must for any organization.

Comments  (0)

Fa42af438e58b799189dd26386f5870f

PayPal Fixes CSRF Bug in PayPal.me Website

August 01, 2016 Added by:Ionut Arghire

PayPal recently resolved a cross-site request forgery (CSRF) vulnerability affecting the PayPal.me website, which could have allowed an attacker to change a user’s PayPal profile picture.

Comments  (0)

0133c663c244df033c2eeb2248dfee32

Fighting Alert Fatigue

July 06, 2016 Added by:Mike Paquette

By augmenting their efforts with behavioral analytics and machine learning, teams can be sure they reduce alert noise and fatigue while quickly identifying and addressing the issues that actually matter before they hurt their customers or the bottom line.

Comments  (0)

591c39c65cf5c298ccd0f1cd5818e961

Cloud Security Can’t Be Ignored Anymore, Thanks to Millennials

May 09, 2016 Added by:Vanishree Rao

Thanks to digital preferences of millennials, increased digitization and cloudification will drive the demand for cloud security products and services.

Comments  (0)

Fa42af438e58b799189dd26386f5870f

Steam Patches Crypto Code to Prevent Padding Oracle Attacks

May 03, 2016 Added by:Ionut Arghire

Steam recently patched security vulnerabilities in its system to prevent attackers from tapping into the data transmitted between a local client and the Steam network to view plain-text passwords or take over accounts.

Comments  (0)

591c39c65cf5c298ccd0f1cd5818e961

End-to-end Encryption, Today -- Loophole Closed or Moved?

April 22, 2016 Added by:Vanishree Rao

End-to-end encryption does not solve the problem, despite the common perception that it is the holy grail of instant-messaging security. It is necessary that service providers shift their attention toward non-traditional key-derivation mechanisms to close the loophole.

Comments  (0)

0691ab2a89db6dae5b9845dee3dd63a4

Cloud Email Applications Could Put Your Corporate Data at Risk

April 12, 2016 Added by:Yotam Gutman

Third party email cloud application could expose the organizations data since employees now have the ability to grant applications access to their corporate information

Comments  (0)

05a24d7e4020553c4a923a0d8126d8c9

Reducing the Attack Surface is a Fool’s Errand

April 01, 2016 Added by:Paul Morville

This April Fool’s Day, let’s acknowledge that a security strategy focused exclusively on patching and prevention is a fool’s errand and let’s move towards an adaptive approach that includes prevention, detection, continuous visibility and response.

Comments  (0)

F08d1219500edcf01d8b56ee28634437

March Madness Security Threats Can Drive Any Organization Mad!

March 14, 2016 Added by:Mark Parker

Unfortunately, while the popularity of March Madness (the NCAA Basketball Tournament) has grown exponentially, nearly every facet of any employee’s involvement with the event could open up the employee, as well as the organization, to a number of cyber risks.

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »