- Cloud-Based Application Security: Bank on It?June 22, 2015
Clouds are less secure. This is the long-held wisdom of cloud computing, the notion that goes bump in the night and keeps many companies from moving any or all of their data off local stacks. It comes with a host of anecdotal "evidence" to prove the point: Surely, cloud services must be less secure because they're "outside," beyond the benefit of in-house protection and… READ MORE
Stay up to date on Application Security
Bug bounty programs are nothing new. Companies from Google to Microsoft to Mozilla offer up cash and other rewards for so-called "white hat" hackers willing to find and report critical problems in network infrastructure. Now, United Airlines (UA) is also opting in, offering up to one million air miles to bounty hunters who find "remote execution codes" and turn over their data to UA. Of course,… READ MORE
Independent software vendors (ISVs) face a tough market. While small businesses and enterprises alike are always on the lookout for the next breakout software-as-a-service or on-premises solutions, they're not willing to risk security breaches just to get a step ahead. This means ISVs must make both software security and enterprise risk management key components of every product they develop… READ MORE
- Cyberespionage: Enterprise Nuisance or National Crisis?April 29, 2015
According to President Obama, cyberespionage has crossed the threshold from "nuisance" to "national emergency." As reported by National Journal, the president signed an order allowing the treasury secretary, attorney general and secretary of state to impose financial sanctions on the groups and people behind cyberattacks that "create a significant threat to US national… READ MORE
- Finding the Risk Factor in IT Security for Small BusinessApril 16, 2015
Enterprises are the ideal targets for hackers. That's common wisdom, backed up by story after story about big banks and retailers getting breached. It makes sense: These organizations hold massive amounts of customer data in trust — everything from credit card numbers to birth dates and e-mail addresses. As a result, successful attacks often mean big paydays for malicious actors. But IT… READ MORE
- Cloud Computing Trends: Fueling DevOps AppSec IntegrationApril 15, 2015
Cloud computing trends show this technology is on the way up: RightScale's new "2015 State of the Cloud Report" — as detailed by Market Wired — found 93 percent of organizations are already running cloud applications or experimenting with Infrastructure as a Service (IaaS). DevOps isn't much further behind, with the report showing adoption is up to 66 percent across… READ MORE
- Mandatory Breach Notification Gets New Push From US SenatorApril 13, 2015
Should companies be required to notify consumers in the event of a data breach? Senator Mark Kirk thinks so, and according to SC Magazine, he plans to introduce a bill that would compel businesses to disclose a breach under certain conditions. Kirk and other advocates see this as a way "to make sure the system that Congress designs is easy for industry to put in place and doesn't act… READ MORE
Companies can no longer manage IT security alone. It's not an issue of weakness or inability; the network and end-point landscape has simply become too complicated for even enterprise IT teams to handle. As a result, more and more organizations are reaching out to third-party security vendors. For example, Computer Business Review reports 34 percent of UK companies already use managed security… READ MORE
- Third-Party Security Is Defense by DesignMarch 24, 2015
Third parties are a problem when it comes to cybersecurity. According to IT Business Edge, handling third-party security risk will be a major concern in 2015 — and that's no surprise, since a recent BitSight study found that almost one-third of all retail IT breaches started with a third-party vendor. Since the self-certification of vendor security credentials is no longer a reliable… READ MORE
- Application Threat Modeling: The Imagination GapMarch 18, 2015
Cisco's annual security report, as highlighted on RCRWireless, indicates that new IT security threats are emerging. The highlights? "Snowshoe spam," which diffuses attacks over hundreds of IP addresses so as not to attract attention, is on the upswing, along with new web exploit kits such as those aimed at Microsoft Silverlight. In addition, "blended" attacks that exploit… READ MORE
Application Security Tool Kit
Love to learn about Application Security?
Get all the latest news, tips and articles delivered right to your inbox.
No thanks, back to the article please.