Items Tagged with "Application Security"


Examining the Sources of Security Incidents

June 06, 2011 Added by: Bozidar Spirovski

Security incidents come in all shapes and sizes. They can affect availability, confidentiality or integrity. Shortinfosec organized a LinkedIn poll to observe the opinions of the professionals on what are the sources of security incidents that they deem most frequent...

Comments  (0)

Focusing on Success or Failure in IT and Infosec

June 02, 2011 Added by: Robb Reck

Information security works differently than IT. Rather than focusing on how to build a system that can meet a requirement, the security-minded will focus on how to build a system that cannot do anything but meet a requirement. The difference is subtle, but critically important...

Comments  (0)

Mobile Payments Set to Dramatically Increase

May 26, 2011 Added by: Robert Siciliano

The Payment Card Industry Standards Council is not yet granting approval to any mobile payment applications. With the explosive growth of the mobile payment industry, they are holding off and waiting to see which technologies rise to the top...

Comments  (0)

Prescriptive Software Security Assurance for SMBs

May 25, 2011 Added by: Rafal Los

Can you handle the work it would take to ratchet up security on your applications? If you've got more than a dozen applications with more than 5 in the pipeline, you can figure on a single non-dedicated resource being able to handle one application security test per week, tops...

Comments  (0)

Las Vegas Wants to be Your Friend on Facebook

May 23, 2011 Added by: Rafal Los

Sadly, as your privacy shrinks - or as you give more and more of it away - the possibility of that crazy night in "Sin City" will follow you not just to work on Monday, but maybe to the next time a hacker is trying to penetrate your application's attack surface...

Comments  (1)

Think You Can’t Afford Code/App Testing? Think Again...

May 20, 2011 Added by: Brent Huston

Today, you have a plethora of code review automation tools and source code scanners. These tools make an easy way to pick the low hanging (and sometimes higher) vulnerabilities out of your code long before it is exposed to malicious outsider/insider contact...

Comments  (1)

Granular Application Control Drives Next Gen Firewalls

May 18, 2011

Web apps in particular have become a nightmare for IT staff. Should users be allowed to use Twitter, URL shorteners like bit.ly or ur1.ca, or even Facebook? And if they do what should they be allowed to do within the app? Posting updates is one thing. Playing Mafia Wars is another...

Comments  (0)

Post-Production Application Security Testing

May 18, 2011 Added by: Rafal Los

I've spent several meetings in the last few months reminding people that even though they perform security testing and validation of their apps before they deploy they're leaving those apps running, in some cases for years, without looking back in on them. This is a bad thing...

Comments  (0)

SMS Trojan Infects Multiple Android Applications

May 16, 2011 Added by: Headlines

"Google has removed the offending apps, published by "zsone," from the official Android Market, but researchers at the security firm Kaspersky Lab said it's possible the malware, classified as a Trojan because it hides inside software, affects more than the 11 apps AegisLab found..."

Comments  (0)

ERP Vulnerabilities Differ from Those at the Database Level

May 13, 2011 Added by: Alexander Rothacker

ERP applications are attractive targets because this software is present in all major organizations and across the whole enterprise. The backend database of these systems usually contains customer data and key company secrets, such as the logic for business processes...

Comments  (0)

Application Security Profiling Exercise: Important Considerations

May 13, 2011 Added by: kapil assudani

Determining the security profile of an application is a very involved and complicated process – one needs to understand the business logic of the application, its integration with other applications and the security profile of the context this application interacts with...

Comments  (1)

Securing Applications at High Velocity

May 11, 2011 Added by: Rafal Los

While the blistering speed of application development and deployment may enable the business to be more agile and responsive to the changing business climate than ever, it creates unparalleled challenges for anyone with security as part of their job description...

Comments  (0)

Supporting "Unmaintainable" Applications

May 09, 2011 Added by: Rafal Los

A solid Software Security Assurance program takes into consideration the legacy risks from all the applications that have existed before a security program came into being. The issues that surround legacy applications are complex, and can create headaches for security teams...

Comments  (0)

Is Too Much Focus Put on the Application Layer?

May 06, 2011 Added by: Keith Mendoza

Information system security is really nothing new, it's just that no one has paid attention to it until recently; and the focus seems to mostly be on securing the application. My question is: who will make sure that the attack vector will not come from the hardware layer?

Comments  (4)

Basic Secure Coding Practices for C or C++

May 04, 2011 Added by: Keith Mendoza

Most privilege escalations take advantage of being able to modify the code being executed because the application writes to memory locations past what it allocated. However, if you have a variable that uses up more space than the amount of data, that's extra space for an attacker to use...

Comments  (3)

Critical Keys to Successful Application Security Testing

May 04, 2011 Added by: Rafal Los

Keeping up with the amount of applications being released can often lead to more subtle issues. We can all say with relative confidence that just because an application has been tested does not make it secure - and even the best analysts & testers can miss security defects...

Comments  (0)
