Posted by Kat Teebagy in ALL THINGS SECURITY, October 29, 2012 |
Most information security tips deal with protecting your business and private data from malicious attacks, but what should you do when the threat comes from Mother Nature herself in the form of an unpredictable Frankenstorm? The following 5 tips will help you prevent loss of data and other damage to your IT infrastructure.
Posted by Paul Roberts in ALL THINGS SECURITY, October 25, 2012 |
Two reports out in the last week have raised alarms about the vulnerability of popular applications to man-in-the-middle attacks and other snooping. Alas – this isn’t really a new problem…and it isn’t limited to mobile applications either!
The presentations by researchers at the annual Conference on Computer and Communications Security (CCS 2012)…
Posted by Neil DuPaul in ALL THINGS SECURITY, October 25, 2012 |
In a new report by 451 Research, the enterprise IT innovation firm, our new VAST program is highlighted for its ability to lower the barriers of application security testing for enterprises. Says CEO Bob Brennan:
“VAST was created to increase the security of buying software. We work with enterprises to define the level of security they should expect and then we work with their vendors to see that those expectations are met.”
Posted by Nate Lord in ALL THINGS SECURITY, October 24, 2012 |
We recently hosted a webinar featuring Chenxi Wang of Forrester Research Inc and Chad Holmes of Veracode that discussed how enterprises can better understand and reduce security risks associated with using vendor-supplied software. This blog post will highlight the key takeaways of the webinar.
Posted by Neil DuPaul in ALL THINGS SECURITY, October 23, 2012 |
A short while ago I stumbled onto the Twitter account of an Information Security Awareness program at my alma mater, the Rochester Institute of Technology (RIT). I was immediately impressed by the following they had among their social networks, and after digging a bit deeper into their activities I couldn’t help but reach out to Ben Woelk, who manages the group and generously agreed to an interview with us.
Posted by Neil DuPaul in ALL THINGS SECURITY, October 22, 2012 |
Last week the National Cyber Security Alliance published this great infographic in collaboration with Symantec on the topic of Small Business Online Security. With more small businesses leveraging web applications and collecting and storing customer data online, the need for cybersecurity awareness has never been greater. The graphic is part of NCSA’s awareness campaign for National Cyber Security Awareness Month; visit their website, staysafeonline.org, to catch up with the rest of their efforts!
Posted by Neil DuPaul in ALL THINGS SECURITY, October 22, 2012 |
Earlier this year, during the summer, we were contacted by Jack Stansbury, a Computer Science and Math teacher working at Poolesville High School in Maryland. He was in the process of getting a class on the subject of writing mobile applications approved by the school board and implemented in his and the surrounding districts, and he wanted to know if he could print and use one of our infographics, “How Mobile Apps Are Invading Your Privacy,” as collateral for his classes. We thought Jack’s idea was awesome and were happy to print the infographics and send them his way free of charge. In return, he has generously written up the following on his new course!
Posted by Paul Roberts in ALL THINGS SECURITY, October 18, 2012 |
Has our security been compromised before the shrink wrap is even off the box?
The U.S. House of Representatives went on record this month with a warning to U.S. industry of the danger of compromised supply chains. But getting to the bottom of the supply chain threat will require more than just tough talk.
Posted by Fergal Glynn in ALL THINGS SECURITY, October 18, 2012 |
Travis Emmert of Veracode is credited in the latest Oracle Critical Patch Update for reporting nine Web application vulnerabilities in Oracle Fusion Middleware, Imaging and Process Management. After talking to Travis about how he found the vulnerabilities, what he found, and Oracle’s advisory release process, I thought this material would make for a good blog post. I asked Travis to take a few moments to write about this experience.
Posted by Kat Teebagy in INFOGRAPHICS, October 17, 2012 |
Posted by Chris Wysopal in RESEARCH, October 15, 2012 |
When I read the New York Times BITS article “The Dangers of Allowing an Adversary Access to a Network” by John Markoff, I thought the fear of trojaned vendor products is misplaced. The much bigger problem is vulnerable products. To cyber security experts, a serious vulnerability is indistinguishable from a backdoor as both allow an adversary to take control of a system or device. Yet the U.S. House Committee seems preoccupied with backdoors in Huawei technology while ignoring the gaping vulnerabilities.
Posted by Nate Lord in ALL THINGS SECURITY, October 12, 2012 |
The amount and variety of malicious programs out there is enough to make your head spin. This blog post will break down the common types of malicious programs and provide a brief description of each.
What is Malware?
Malware is short for malicious software, meaning software that can be used to compromise computer functions, steal data, bypass access controls, or otherwise cause…
Posted by Paul Roberts in ALL THINGS SECURITY, October 11, 2012 |
How bad is Google’s application security problem?
Think “New York City in the 1970s.” Just like New York during those dark days, Google faces a myriad of problems: many of its own making. And the Silicon Valley star might consider looking to Gotham for inspiration as it tries to turn things around.
Posted by Neil DuPaul in INFOGRAPHICS, October 10, 2012 |
Posted by Neil DuPaul in ALL THINGS SECURITY, October 9, 2012 |
Companies spend millions on sophisticated anti-intrusion systems that lock down their corporate assets against any kind of network attack.
Then they sit back and relax, confident that not even the smartest, trickiest, most downright determined hacker would ever be able to break in. And that hacker would have to be a total genius, right?