Blog Posts Tagged with "Application Security"

0a8cae998f9c51e3b3c0ccbaddf521aa

Rediscovering Our Way: OWASP AppSec Ireland 2012

September 20, 2012 Added by:Rafal Los

We can't expect the OWASP community to continue forward as a collection of application-security focused professionals without developer outreach, education, and more outreach. Application (and software) security isn't about security people at all, it's about developers...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Microsoft Forcing Users to Use Less Secure Passwords

September 18, 2012 Added by:Dan Dieterle

Looks like Windows 8 is capped at a 16 character limit for compatibility with existing Microsoft Accounts. With the decrease of the character set, by limiting special characters for compatibility with Microsoft’s other services, the passwords are less secure than before...

Comments  (2)

4c1c5119b03285e3f64bd83a8f9dfeec

Preparing Developers for Tomorrow’s Cloudy World

September 17, 2012 Added by:Ben Kepes

"The advent of cloud computing has removed infrastructure as a barrier to rapid and massive scaling of applications. [IaaS and Paas have] made it possible for a developer to create an application one day and have it utilized by hundreds of thousands of users the next..."

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Are Applications and Services on the Public Cloud Secure?

September 15, 2012 Added by:Rafal Los

Any application that was built to be secured independently of the environment will do as well in a public cloud as it did in your private data center. If you build the application to be low-risk independent of your environmental controls you shouldn't have to worry where it lives...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The SDLC Knowledge Gap in Motion: DevOps to the Rescue?

September 12, 2012 Added by:Rafal Los

I can't tell you the fun things we found in this pre-production environment when we started digging around during security testing. No, really, I can't tell you, but rest assured it didn't end with misconfigurations, or accidental code bits being included...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Will the Rise of Tablets Affect Security Measures in the Workplace?

September 11, 2012 Added by:Robert Siciliano

While your company’s IT guy has a relative hold on the work laptops and desktops, and even some of the mobiles, he is quickly losing control when you bring your new Droid and connect it to the corporate network. Now he has to worry if that last app you downloaded will infect the network...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Securing Your Application Perimeter: Getting Results

September 08, 2012 Added by:Fergal Glynn

What applications should you be testing? Just because the discovery process identifies 300 web applications doesn’t mean that you’d want to test the 30 that clearly should be decommissioned...

Comments  (0)

5e402abc3fedaf8927900f014ccc031f

Will Your Smartphone Become your Wallet?

September 05, 2012 Added by:Allan Pratt, MBA

Will all smartphone users feel comfortable transforming their them into wallets? What about security? What if you lose your phone and the person who finds it hacks into your accounts? Now, these cool capabilities don’t sound so impressive. In fact, there are some serious consequences...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Securing Your Application Perimeter: What to Test for Vulnerabilities

September 05, 2012 Added by:Fergal Glynn

When dynamic scanning engines were first designed they were primarily tools for penetration testers to use on a few select web applications deemed critical enough to warrant serious testing. But times have changed, every Internet facing application is now a potential attack surface...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Yandex.ru Indexing Crawler Issues

August 30, 2012 Added by:Brent Huston

Sadly, many web crawlers and index bots do not honor the rules of robots.txt. Nor do attackers who are indexing your site for a variety of attack reasons. Given the impacts that some of these indexing tools can have on bandwidth, CPU use or database connectivity, other options for blocking them are sometimes sought...

Comments  (1)

03b2ceb73723f8b53cd533e4fba898ee

Crisis Malware Threatens Virtualized Environments

August 24, 2012 Added by:Pierluigi Paganini

Crisis Malware is an agent used to spy on victims by intercepting communications, and it is able to open a backdoor on the infected host once the user executes a JAR file made to look like an Adobe Flash Installer. The malware has been developed for several OSs, and a Mac version has been isolated...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Which Application Testing is Right for Your Organization?

August 23, 2012 Added by:Brent Huston

Billions of dollars and millions of identities are at stake every day. In the past, security professionals thought firewalls, Secure Sockets Layer, patching, and privacy policies were enough to protect websites from hackers. Today, we know better. Whatever your industry — you should have consistent testing...

Comments  (0)

3e35900ae6facc6c146a85c435c71d82

The Seven Qualities of Highly Secure Software

August 23, 2012 Added by:Ben Rothke

Behind nearly every vulnerability is poorly written software. The 7 Qualities of Highly Secure Software highlights qualities that are essential to stop insecure code. This is a highly valuable book that can be of significant use to every stakeholder, from those in the boardroom to the head of application development...

Comments  (0)

44fa7dab2a22dc03b6a1de4a35b7834a

A Day Without COBOL: The Crucial Role it Plays

August 21, 2012 Added by:Bill Gerneglia

Those who have labeled COBOL ‘a dying language’ should reconsider. With COBOL supporting the majority of the world’s businesses, it is impossible to dispute its viability in the enterprise. It remains a cornerstone of business-critical applications and has successfully navigated through each computing generation...

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

The Cloud: It’s About Flexibility

August 21, 2012 Added by:Ben Kepes

As far as I’m concerned, the future will see a gradual shift from on-premise, to private cloud, to public cloud – that’s a factor of economics and scale. But the bottom line is that cloud isn’t about meeting a series of technical check boxes; it’s about meeting the needs of the business...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Buggy out the Door: Externally Discovered Defects (EDD)

August 15, 2012 Added by:Rafal Los

What if 25% of your bugs actually ARE discovered by your customers? There is a collision of a few things here that makes this matter a lot less simple than we'd like, and a lot less convenient if you think you have a solution to the problem, but in the end it is a problem...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »