Evan Wade

Evan Wade is a professional freelance writer, author, and editor from Indianapolis. His time as a sales consultant with AT&T, combined with his current work as a tech reporter, gives him unique insight into the world of mobile/Web security and the steps needed to properly secure software products. Follow him on Twitter.
Posts by Evan Wade

The Gartner Magic Quadrant: Four Traits From Top Performers

December 2, 2015  | Managing AppSec

With the application layer becoming a popular attack vector for intruders, and defensive methods to combat it constantly evolving, it's easy to see why application security testing (AST) services play such a large role in digital security. In fact, it has become so prominent that the question shouldn't be whether a company should adopt an AST service to keep its operations and data secure... READ MORE

What's the True Cost of a Data Breach?

November 20, 2015  | Managing AppSec

Breaches are bad business. In 2015, this basic tenet of digital security is clear-cut common sense. After all, bad things happen when bad guys steal your property. What's less clear is the quantifiable cost of a data breach, both in terms of the intrusion's economic toll and the underlying factors that play into the loss. This is where the expert insight comes in. "The Business and... READ MORE

Defending the Application Layer Means Securing All Apps

November 18, 2015  | Managing AppSec

Security is a game of advancements. All too often, the adversarial relationship between attackers and defenders pushes that game to a breakneck pace. Whichever side is on the leading edge of the technological curve won't have an advantage for long. While this dynamic can spur organizations to be consistently vigilant, at least on the white hat side, it can also lead to the assumption that a... READ MORE

10 Common Security Vulnerabilities

November 2, 2015  | Intro to AppSec

You don't need to be an expert to know that hacks, attacks and other digital security breaches are never a good thing. But one industry's annoyance is another industry's nightmare — and if you've read CA Veracode's "State of Software Security Report, Volume 6," then you know that most common security vulnerabilities are more frequent in some industries than... READ MORE

Security Awareness Training: 4 Benefits Only the Cloud Can Bring

October 28, 2015  | Managing AppSec

Whether you're talking about onboarding practices or continued learning services, education in the development industry is far from a one-size-fits-all proposition. Besides the challenges that come with crafting relevant, up-to-date lessons — which itself represents a significant challenge in the world of security awareness training — there are logistics to deal with as well. As... READ MORE

Vulnerability Profile: LDAP Injection (and How to Protect Against It)

October 13, 2015

In some ways, all injection attacks are the same. The hacker puts code in some form of user input field, attempting to trick the machines on the other end into granting information or access they shouldn't. If successful, the hacker then uses these ill-gotten gains to carry out damaging attacks like information theft, browser/session hijacking, site defacement, and so on. But the devil is in... READ MORE

It's True: DevOps and Security Can Play Nice

September 25, 2015  | Secure Development

It's no secret that DevOps was designed to address the drawbacks of traditional "waterfall" and "scrum-but" development practices over the years. And while new ways to build software are about as common as unique startup business models these days, it's clear the methodology is at least successful at addressing some long-standing issues. If your goal is to improve... READ MORE

LastPass Hack Shows Breaches Aren't Always a Bad Thing

September 24, 2015

Call it reverse schadenfreude, or maybe digital empathy, but when a tested, hardened and demonstrably security-conscious company suffers a hit, everyone feels a little bit of shame. If you were affected by the LastPass hack, however, you might be feeling other emotions after the company's recent intrusion. Namely, the fear that comes when you realize not one, but all of your passwords... READ MORE

The Scalability Challenge, Part Five: Scaling With Open Source

September 23, 2015

Depending on where you work and what you do within the tech sector, addressing the security of your third-party software can dominate much of your time. That's especially true if your company is particularly security-conscious or spends a significant amount of its own resources utilizing custom-built code and premade parts from vendors. And that's just the proprietary stuff — throw... READ MORE

DevOps and Automation: A Recipe for Stronger, More Secure Software

September 22, 2015  | Secure Development

If you made a list of the technological tools used by multiple software development methodologies, automation would have to be somewhere near the top. Anything that reduces the rote, repetitive work developers, security personnel and others have to handle in the process of app creation is a good thing; combine that with the reduced costs and lower risk that automation usually introduces into a... READ MORE
