Application Security

Application Security news, information, and how-to advice

futuristic user interface - digital transformation
Black Hat 2015

medical heart rate monitor ekg hospital

Nuance says NotPetya attack led to $92 million in lost revenue

Nuance Communications, a software company that offers speech and imaging technology to a number of markets, including healthcare and finance, said the 2017 NotPetya malware attacks caused the company to lose $92 million in revenue,...

hand holding paper cloud for google cloud logo

What is SQL injection? This oldie but goodie can make your web applications hurt

SQL injection attacks are well-understood and easily preventable, and the priority for risk mitigation should be preventing SQL injection attacks in the first place. Listen to Little Bobby Tables and sanitize your database inputs.

ransomware

5 tips to help you block ransomware

Learn about best practices to combat the threat of ransomware.

How Contrast Security protects applications from the inside out

Contrast Security has one of the most elegant solutions out there for application security. We can see why it scored 100 percent on the OWASP Security Benchmark.

protection privacy locks security cybersecurity

Endpoint security suites must have these features

Endpoint security vendors must be a one-stop endpoint security shop -- providing such things as anti-malware, anti-exploit, EDR and hybrid deployment options -- if they want to compete.

email iot internet security

The life and death of a document: where did it really go?

As the Moody Blues would say, what became of that letter you never meant to send?

Windows logo overlaying hand with band-aid patch

A patch in time saved nine

In today’s Windows environment, things are changing, and the old cliches may no longer be true.

23922465470 fe3c8b8cdf o

The 17 biggest data breaches of the 21st century

Security practitioners weigh in on the 17 worst data breaches in recent memory.

cyber security lock secure security

How devsecops protects appsec from the cybersecurity skills gap

DevSecOps may not be a 100% solution for cybersecurity skills shortage, but it can make it less of a concern in the AppSec realm.

oneplus 5t dual camera

OnePlus says up to 40,000 customers affected by credit card breach

OnePlus, the company behind a popular line of Android devices, said on Friday that up to 40,000 customers might be at risk after a malicious script compromised payment card data during the checkout process.

cloud security ts

How do you secure the cloud? New data points a way

Two new reports show big differences in risk among public, private, and hybrid cloud deployments. Here’s advice on the tools, information, and organizational structure needed to execute a successful cloud security strategy.

checklist project

Rating software security Consumer Reports-style

The Cyber Independent Testing Lab (CITL) is fuzzing binaries at scale and building a checklist of compile-time security best practices.

istock 689775010

5 steps to boost your application security testing ROI

Even in the era of AI hype, spending more does not necessarily means spending wiser.

email iot internet security

Email security in 2018

Things are going to get even crazier...

sequence 01.00 10 50 27.still002
video

Are mass transit systems the next cybersecurity target? | Salted Hash Ep 14

Host Steve Ragan talks with Stan Engelbrecht, director of the cybersecurity practice at D3 Security, about the inherent flaws in security defenses for public transportation systems -- and what can be done.

Tablet with lock showing secure encryption

The battle to secure the digital environment

A true, multi-faceted digital risk management program takes a proactive approach to cleaning up corporate websites, while securing the corporate risk posture and protecting customers.

plastic soldiers

Open source software security challenges persist, but the risk can be managed

Using open source components saves developers time and companies money. In other words, it's here to stay. Here's a look at what it will take to improve open source security.

meltdown spectre

In the aftermath of yet another Meltdown, no secrets are safe

Meltdown and Spectre reveal that perfect information protection comes at an increasingly steep cost.

Load More