Doug Bonderud

Doug Bonderud is a freelance writer passionate about the evolution of technology and its impact on companies, stakeholders and end-users alike. Want to know more? Follow Doug on Twitter.
Posts by Doug Bonderud

App Testing (and Retesting): When Are You Secure Enough to Launch?

October 21, 2014

application-testing-secure.jpg Enterprises recognize the need for cutting-edge, user-friendly apps, but Veracode reports that of 12,000 security professionals surveyed, 69 percent cite application-layer vulnerabilities as the greatest threats to app security. What's more worrisome is that just 10 percent of respondents say that their apps were reviewed for security before, during... READ MORE

HIPAA Compliance and the Healthcare Supply Chain: Broken Links?

October 20, 2014

Healthcare agencies are no strangers to IT security risks. In August, Community Health Services (CHS) announced the theft of 4.5 million patient records due to a Heartbleed breach; now, companies are dealing with Shellshock, which exploits open-source Bash code to compromise appliances and network hardware such as medical devices. To combat these threats and maintain HIPAA compliance, many... READ MORE

How Medical Services Can Close the Gap in Healthcare Security

October 15, 2014

320px-Mind_the_gap_2.JPG Personally identifiable information (PII) is rapidly becoming a hot commodity for cybercriminals, since it lets them file false tax returns and create fake credit-card accounts. But the most valuable PII? Healthcare data. Once compromised, thieves can use this data to claim medical benefits and obtain prescription drugs. According to Healthline, healthcare... READ MORE

The Heartbleed Vulnerability: Healthcare's Chronic Problem?

October 6, 2014

NOT_BLEEDING_400.png Heartbleed. Back in April, this bug was on the radars of companies across the globe. Large corporations struggled to find and patch systems and ensure no critical information was compromised. Not all succeeded: The Canada Revenue Agency had 900 social insurance numbers lifted from its database. When the dust settled, many companies went back to business as usual... READ MORE

Don't Monkey Around: Why Ad-Hoc Testing Is a Hacker's Best Friend

September 24, 2014

monkey-ad-hoc-security-testing.jpg Bottom line? Eighty percent of applications fail their first security test, putting companies and data at risk. Worse, most of these apps aren't developed in-house, meaning you don't always know what kind of code underlies basic functions, or how they retrieve their data. It's easy to point at cloud computing as the culprit behind... READ MORE

The Security Programs Disconnect: Why Does Enterprise-Wide AppSec Lag Behind?

September 16, 2014

enterprise-appsec-struggles.jpg Enterprises are using more apps than ever, many of which are cloud-based. That's according to a recent Forbes article, and — no surprise — this increased use comes with increased risk. Survey data found that 85 percent of all data uploaded went to apps that enabled file sharing, and, perhaps more worrisome, 81 percent of data... READ MORE

Supply Chain Security: When Breaches Go Global

September 11, 2014

supply-chain-security.jpg It's tempting to imagine your supply chain as one unbroken line where each link is directly fastened to the next, making it easy to uncover weak spots or add new processes. In truth, this chain more closely resembles a tangled web with lines and links that branch out, interconnect and then split. The recent Target breach, for example, began with stolen... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.

 

 

 

contact menu