Web App Security

Identity & Access Management: Give Me a REST

June 19, 2013 Added by:Simon Moffatt

RESTful architectures have been the general buzz of websites for the last few years. The simplicity, scalability and statelessness of this approach to client-server communications has been adopted by many of the top social sites such as Twitter and Facebook. Why? Well, in their specific cases, developer adoption is a huge priority.

Creating Your Own Privacy & ROI

June 17, 2013 Added by:Krypt3ia

You can in fact obscure a lot of what you do online and through telco but you have to be diligent. It means time and sometimes money (burn phones or laptops in some cases) to obfuscate as much as you can.

Balancing Act Between Privacy and Security

June 13, 2013 Added by:Jarno Limnéll

Privacy and Security: Both are mandatory – and necessary. Privacy is inherent in our contemporary understanding of democracy, whereas security requires intelligence. The challenge lies in being able to find the right balance while avoiding excesses.

Enterprise Software Security - The Fake Choice Between Fast and Secure

June 12, 2013 Added by:Rafal Los

If adding security to your enterprise software development methodology and lifecycle creates a significant amount of drag on the actual release deadlines — for an extended period of time — you’re doing it wrong.

Scangate Re-visited: Vulnerability Scanners Uncovered

June 12, 2013 Added by:Ian Tibble

The notion that VA tools really can be used to give a decent picture of vulnerability is still heavily embedded, and that notion in itself presents a serious vulnerability for businesses.

PHP and Application Security

June 10, 2013 Added by:Lee Mangold

The low barrier-of-entry for PHP allows inexperienced developers to act like engineers and publish insecure code. These developers may be developing useful stuff, but they simply don't understand security.

Digital Usage Policies and the ‘New’ Desktop

May 31, 2013 Added by:Mark Austin

The PC desktop is changing, so fast that what used to confidently be called the “desktop” is undergoing the sort of rapid evolution bound to throw up new and unfamiliar security challenges.

Steps Toward Weaponizing the Android Platform

May 13, 2013 Added by:Kyle Young

In this article I will be covering ways that one can turn their Android based device into a powerful pocket sized penetration testing tool.

Mobile Security Processes Could Be Applied to Medical Devices: Bluebox

May 10, 2013 Added by:Steve Ragan

Before malware could become a threat to medical devices, Adam Ely said attackers would have to write malware specifically targeted to these devices and organizations; or the devices would have to adopt standard platforms and software.

Infographic: Keeping Web Applications Safe

May 09, 2013 Added by:Mike Lennon

Continuing the security industry trend of publishing infographics, the folks at Enterprise Strategy Group published an infographic that illustrates some of the challenges associated with web application security.

Do You Have a Vendor Security Check List? You Should!

May 09, 2013 Added by:Michael Fornal

A security check list is a list of security controls that a vendor or application must meet. These controls can range from how storage back up is to be done, to password complexity requirements. Having a checklist can help you in deciding if the application or vendor conforms to your company’s security requirements.

Three Reasons Why a One-Size-Fits-All Secure SDLC Solution Won’t Work

May 08, 2013 Added by:Rohit Sethi

Forcing a security process on development teams that doesn’t take into account the way they develop software is a recipe for disaster. A good goal to have for secure SDLC is to minimize the impact on the team’s existing software development practice.

What Security Risks Do Healthcare Organizations Face?

May 06, 2013 Added by:Michael Fornal

Today, hospitals and healthcare organizations face many risks that they didn’t have to deal with until a few years ago. This ever-growing list of risks includes social engineering, redundant applications within a network, keeping patient files secure and confidential yet available, and escalation of privileges.

Why Are We Failing at Software Security?

May 01, 2013 Added by:Nish Bhalla

While there are many granular reasons for software security failures at the institutional, developer or vendor level - there are five industry-wide problems that are fueling the current state of insecurity. These are complicated problems and will not be easy to solve. But until we do, software security will remain at risk.

Takeaways from the 2013 Verizon Data Breach Investigations Report for Software Development Teams

April 29, 2013 Added by:Rohit Sethi

The 2013 Verizon Data Breach Investigations Report has some important data for software development teams, particularly when considering the likelihood of certain threats to your system.

Could the AP Twitter Hack Have Been Prevented?

April 26, 2013 Added by:Gianluca Stringhini

This is the first time that people realize that Tweets can have a large effect on financial institutions. The question that people are asking is: could this compromise have been avoided?
