Items Tagged with "Application Security"
March 19, 2012 Added by:Headlines
"Our envisioned service builds on crowdsourcing, virtualization, and automation to enable large-scale analysis of apps. AppScanner provides end-users with more understandable information regarding what mobile apps are really doing on their devices..."
March 19, 2012 Added by:Fergal Glynn
The recent explosion in Mobile application development paints a clear picture of the modern development landscape. Not only in terms of the incredible speed of production, but perhaps more importantly, the widening gap between speed-to-market and software security quality...
March 16, 2012 Added by:Danny Lieberman
March 15, 2012 Added by:Wendy Nather
If you have parts of your infrastructure outsourced, go over your contracts with your providers. You want them to be able to give you logs within a few minutes of the request and have the right technical support without fighting your way through first-level script-readers...
March 14, 2012 Added by:PCI Guru
Most attacks are perpetrated inside the perimeter, so protection from an inside attack is important. Once an attacker is on the inside, it is easy to use SQL injection or other techniques to obtain data. Organizations are just beginning to understand the insider threat...
March 14, 2012 Added by:Electronic Frontier Foundation
In the upcoming release on April 26, Ubuntu 12.04 is introducing operating system-wide settings that let you delete portions of your activity log, disable logging for specific types of files and applications, or disable activity logging altogether...
March 13, 2012 Added by:Fergal Glynn
Whatever the intended use of your input may be, even if you employ best practices to prevent data tampering, verifying individual pieces of data both at the reading and writing stage is a good defense in depth measure that can be taken with minimal effort...
March 13, 2012 Added by:Robert Siciliano
Handset manufacturers, application developers, and mobile security vendors continue working to improve mobile security. Banks are offering a consistent sign-on experience for both their online and mobile channels, including multifactor authentication programs for mobile...
March 07, 2012 Added by:Fergal Glynn
A holistic application security approach that includes integrating developer training with static analysis and advanced remediation techniques will help reduce overall risk across your enterprise application portfolio and will strengthen your security program...
March 05, 2012 Added by:alan shimel
This first installment of what promises to be a semi-annual report sheds some real light on the differences between on premises and cloud security environments, and also advances the notion that despite the FUD the cloud may in fact be safer for certain kinds of applications...
March 02, 2012 Added by:Brent Huston
During the WWDC keynote, Brent Huston spent considerable time discussing the lack of built-in security for the iOS. Each unique identifier on numerous devices would allow possibly unwanted users to see information they shouldn’t see. In some cases, not such a bad idea...
March 02, 2012 Added by:Robert Siciliano
With unit sales of smartphones and tablets eclipsing those of desktop and laptop PCs, cybercriminals will continue setting their sights on mobile, and increased mobile Internet use will continue exacerbating security and data breach issues. Protect yourself...
February 28, 2012 Added by:Rafal Los
The way patching works right now on all different levels I'm surprised anything works because we have operating system patches going in with application patches - and we're all just a heartbeat away from catastrophe. Maybe more continuous patching can be our savior...
February 24, 2012 Added by:Pamela Gupta
Traditional access control is simple, but permission-based access has become challenging – applications that request the user’s permission to access sensitive data explicitly. We are expecting users to be system administrators without adequate training, which is not feasible...
February 24, 2012 Added by:Headlines
"Smartphones and tablets are finally delivering consumers with these converged and connected experiences we've been promised for so long. But this is a double edged sword: as smart device usage becomes more sophisticated, so too are cyber criminals' methods of attacking..."
February 23, 2012 Added by:Keith Mendoza
The only real fix for this is a mindset shift. At the minimum, software developers need to code defensively regardless of the scope of the project, because this needs to become a habit. Coding standards should include requirements that all compiler warnings should be resolved...