Items Tagged with "Application Security"


959779642e6e758563e80b5d83150a9f

Application Software in the Cloud – Power to the People

June 08, 2011 Added by:Danny Lieberman

We all use the term ”IT Governance” as if security of data was dependent on policy. Since we have lots of IT governance and lots of data breaches, we may safely assume that writing procedures while the hackers attack software and steal data is not an effective security countermeasure...

Comments  (0)

E973b16363b3de77b360563237df7e32

Examining the Sources of Security Incidents

June 06, 2011 Added by:Bozidar Spirovski

Security incidents come in all shapes and sizes. They can affect availability, confidentiality or integrity. Shortinfosec organized a Linkedin poll to observe the opinions of the professionals on what are the sources of security incident that they deem most frequent...

Comments  (0)

C787d4daae33f0e155e00c614f07b0ee

Focusing on Success or Failure in IT and Infosec

June 01, 2011 Added by:Robb Reck

Information security works differently than IT. Rather than focusing on how to build a system that can meet a requirement, the security-minded will focus on how to build a system that cannot do anything but meet a requirement. The difference is subtle, but critically important...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Mobile Payments Set to Dramatically Increase

May 26, 2011 Added by:Robert Siciliano

The Payment Card Industry Standards Council is not yet granting approval to any mobile payment applications. With the explosive growth of the mobile payment industry, they are holding off and waiting to see which technologies rise to the top...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Prescriptive Software Security Assurance for SMBs

May 25, 2011 Added by:Rafal Los

Can you handle the work it would take to ratchet up security on your applications? If you've got more than a dozen applications with more then 5 in the pipeline, you can figure on a single non-dedicated resource being able to handle one application security test per week, tops...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Las Vegas Wants to be Your Friend on Facebook

May 23, 2011 Added by:Rafal Los

Sadly, as your privacy shrinks - or as you give more and more of it away - the possibility of that crazy night in "Sin City" will follow you not just to work on Monday, but maybe to the next time a hacker is trying to penetrate your applications attack surface...

Comments  (1)

E313765e3bec84b2852c1c758f7244b6

Think You Can’t Afford Code/App Testing? Think Again...

May 19, 2011 Added by:Brent Huston

Today, you have a plethora of code review automation tools and source code scanners. These tools make an easy way to pick the low hanging (and sometimes higher) vulnerabilities out of your code long before it is exposed to malicious outsider/insider contact...

Comments  (1)

924ce315203c17e05d9e04b59648a942

Granular Application Control Drives Next Gen Firewalls

May 18, 2011

Web apps in particular have become a nightmare for IT staff. Should users be allowed to use Twitter, URL shorteners like bit.ly or ur1.ca, or even Facebook? And if they do what should they be allowed to do within the app? Posting updates is one thing. Playing Mafia Wars is another...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Post-Production Application Security Testing

May 17, 2011 Added by:Rafal Los

I've spent several meetings in the last few months reminding people that even though they perform security testing and validation of their apps before they deploy they're leaving those apps running, in some cases for years, without looking back in on them. This is a bad thing...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

SMS Trojan Infects Multiple Android Applications

May 16, 2011 Added by:Headlines

"Google has removed the offending apps, published by "zsone," from the official Android Market, but researchers at the security firm Kaspersky Lab said it's possible the malware, classified as a Trojan because it hides inside software, affects more than the 11 apps AegisLab found..."

Comments  (0)

B451da363bb08b9a81ceadbadb5133ef

ERP Vulnerabilities Differ from Those at the Database Level

May 13, 2011 Added by:Alexander Rothacker

ERP applications are attractive targets because this software is present in all major organizations and across the whole enterprise. The backend database of these systems usually contains customer data and key company secrets, such as the logic for business processes...

Comments  (0)

67a9d83011f3fbb2cf8503aff453cc24

Application Security Profiling Exercise: Important Considerations

May 12, 2011 Added by:kapil assudani

Determining the security profile of an application is a very involved and complicated process – one needs to understand the business logic of the application, its integration with other applications and the security profile of the context this application interacts with...

Comments  (1)

0a8cae998f9c51e3b3c0ccbaddf521aa

Securing Applications at High Velocity

May 11, 2011 Added by:Rafal Los

While the blistering speed of application development and deployment may enable the business to be more agile and responsive to the changing business climate than ever, it creates unparalleled challenges for anyone with security as part of their job description...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Supporting "Unmaintainable" Applications

May 08, 2011 Added by:Rafal Los

A solid Software Security Assurance program takes into consideration the legacy risks from all the applications that have existed before a security program came into being. The issues that surround legacy applications are complex, and can create headaches for security teams...

Comments  (0)

Af9c34417f8e5e0d240850bb353b5d40

Is Too Much Focus Put on the Application Layer?

May 06, 2011 Added by:Keith Mendoza

Information system security is really nothing new, its just that no one has paid attention to it until recently; and the focus seem to mostly be on securing the application. My question is: who will make sure that the attack vector will not come from the hardware layer?

Comments  (4)

Af9c34417f8e5e0d240850bb353b5d40

Basic Secure Coding Practices for C or C++

May 04, 2011 Added by:Keith Mendoza

Most privilege escalations take advantage of being able to modify the code being executed because the application writes to memory locations past what it allocated. However, if you have a variable that uses up more space than the amount of data, that's extra space for an attacker to use...

Comments  (3)

Page « < 15 - 16 - 17 - 18 - 19 > »