The Push to Replace Passwords

By Sue Poremba September 25, 2016  | Security News
Is password security weakening?

At Black Hat 2016, Thycotic conducted a survey of both self-identified white hat and black hat hackers. In part, the survey found that more than 75 percent of respondents believe no password is safe from hackers or the government, and nearly half said they would be willing to hack your password for a fee if asked by the FBI. It’s yet another bad rap on passwords, which have been the... READ MORE

Security's Weak Communications Skills Can Undermine Safety

By Evan Schuman September 23, 2016  | Security News
Communication takes effort and time; poor communication will hinder results!

It's hardly a revelation that hardcore security veterans are not at the pinnacle of clear communication. And the more technical the talent, in general, the weaker the communication. For most in IT and almost everyone in corporate outside of IT, this is generally dismissed as a fact of life. But I've recently started to wonder if this isn't a bigger problem and one that can undermine... READ MORE

Developer vs. Hacker: Two Sides of the Same Coin?

By John Zorabedian September 21, 2016  | Secure Development
How much do hackers and developers have in common?

Years ago, when I started my career as a writer, I became a journalist dedicated to informing people and serving the public interest. Later, I became a writer in a marketing role, dedicated to creating content that informs prospects and serves customers. I call upon the same skills to write blog posts and whitepapers that I once did to write news articles. Likewise, journalists may use their... READ MORE

Could How A Shopper Types Be The Best Authentication?

By Evan Schuman September 20, 2016  | Security News

It's not what you say, but how you say it. That piece of advice, which has been given to countless politicians and executives over the decades, might be the premise behind an intriguing new approach to biometric authentication. Although to be precise, it's closer to "It's not what you type, but how you type it." The value of any authentication system is based on a balancing act... READ MORE

4 Things Developers Have in Common with Hercules and Luke Skywalker

By John Zorabedian September 19, 2016  | Secure Development
How developers are like Luke Skywalker

The adventurous hero is a common thread in mythology that helps us understand what makes someone great. From Homer’s Odysseus, to George Lucas’s Luke Skywalker, all mythical heroes have traits in common and follow a similar path. Heroes don’t start out that way – they need to prove their mettle by undertaking a long journey and passing a series of tests. The hero must look... READ MORE

Three Reasons AppSec Policies Matter

By Suzanne Ciccone September 16, 2016  | Managing AppSec
AppSec policies help prioritize, communicate, and benchmark efforts to secure code.

You probably get a lot of email. Do you give every email the same level of attention? Do you read, craft a thoughtful response, and immediately complete any follow-on tasks for every single email message as it comes in? If you do, congrats – but you probably don’t spend your days doing much else! Whether you know it or not, you have a policy regarding your emails. Maybe you... READ MORE

Evolution Toward DevSecOps: Failures and Successes

By Joseph Feiman September 13, 2016  | Secure Development

As we outlined in the previous blog post, DevOps is in danger of not being properly secured unless it adopts technologies specifically designed for that purpose. Traditional application security technologies were not designed to work in a DevOps environment. Even from the DevOps name, it is obvious that DevOps-enabling tools should be designed for Development and Operations specialists. And for some... READ MORE

Why Age Verification Needs To Be A Key Part Of Your Security Strategy

By Evan Schuman September 8, 2016  | Security News
Age verification is an important part of security planning.

Not only is e-commerce being radically changed due to the mobilization of shoppers, but it's disproportionately happening with younger consumers. At the same time, law enforcement and government regulatory attention is being focused on age violations. And yet, the vast majority of companies have age-verification systems that provide almost no legal protections. Consider Facebook's recent age... READ MORE

Cyber Second Podcast: Cyberwar has a history not just a future

By Jessica Lavery September 6, 2016  | Security News
Learn the history of cyber war.

Cyberwar – the term conjures images of futuristic warriors battling for control of Earth à la the Terminator or the Matrix. But the truth is cyberwar is just as much a part of our national history as it is a potential future crisis. And as the old adage goes, “what has happened before will happen again”. The main difference between the cyberwar of the past and the one of today... READ MORE

If Security Isn't A Priority For Appdev, What Chance Does A Deployed App Have?

By Evan Schuman September 1, 2016  | Secure Development
Educating developers about secure coding should be built in from the start.

One of the biggest security threats is that enterprise mobile app testing is overwhelmingly focused on functionality and not security. Pen testing of apps to see what data they—or some third-party app they are integrated with—are actually retaining is hardly ever done prior to deployment, if then. Why? It's simply not in the mindset of line-of-business managers. They want/need the... READ MORE

