Evan Wade

Evan Wade is a professional freelance writer, author, and editor from Indianapolis. His time as a sales consultant with AT&T, combined with his current work as a tech reporter, gives him unique insight into the world of mobile/Web security and the steps needed to properly secure software products. Follow him on Twitter.
Posts by Evan Wade

Security Vulnerabilities: 3 Points of Entry and How to Lock Them Down

April 9, 2015

Not even the best fence in the world is secure if you leave a gate hanging open. In a lot of ways, that basic idea sums up why most security vulnerabilities start with perpetrators finding relatively small security oversights. Attackers prefer the path of least resistance, and getting a proverbial foot (or even just a toe) in the door can allow them to leapfrog toward things they never would've... READ MORE

Agile Security 101: The Future of Testing

April 2, 2015

You don't have to be involved in the code-producing part of development to understand Agile, as a methodology, is more in tune with the way people and businesses use software today. More to the point, you don't have to be in the trenches to understand that the common refrain about Agile's biggest failing — mainly, that it trades security for speed — isn't necessarily... READ MORE

Exploit Profile: All About Cross-Site Scripting

March 31, 2015

Think you have to make a foolish mistake for an exploit to do nasty things to your computer or website? Think again. One of today's most common attacks relies on victims accessing a subtly compromised page or clicking a specially crafted link, and nothing more. From there, attackers can view and steal sensitive information, modify files and content on the affected site, and hijack the user... READ MORE

Secure Development Practices: Microsoft Takes on Secure Agile

March 30, 2015

"Agile" does not have to mean "insecure." Development is a game of trade-offs, and speed often means sloppiness no matter what kind of project you're working on. But keeping secure development practices on lockdown from day one doesn't have to vanish with the waterfall. Take a look at Microsoft. While its "switch" has been more of a gradual scoot and may not... READ MORE

How to Implement a Secure Development Policy When Each Office Is an Island

March 17, 2015

Quickly bringing product to market tends to require more tools, skills and chunks of code than a single development location can offer. That basic fact can put secure development policy management somewhere between rocket science and the black arts on the difficulty scale — and as a company expands, it only gets harder. Whipping those external offices into shape from a security standpoint... READ MORE

Continuous Security Monitoring: A How To Implementation Guide

March 16, 2015

Typically, the goal of continuous security monitoring is to ensure that applications remain in compliance with your security policies -- even through expansions, upgrades and patches. Committing to continuous security monitoring practices almost always means making changes as an organization. While those changes don't have to be difficult, they can certainly look that way from the front lines... READ MORE

Why Mobile App Security Is a Whole Different Beast

March 12, 2015

Looking back, it's easy to see just how revolutionary modern smartphones have been in their scant seven years on the market. It's also fair to say mobile apps served as the catalyst that propelled them to where they are today. But despite all the jaw-dropping, insanely useful things these pocket-sized devices do, security-conscious tech consumers realize they also open users up to a slew... READ MORE

Adding Software Development Roles Without the Scaling Nightmare

March 3, 2015

In a tech industry marked by explosive growth, expanding rosters and exorbitant license fees, scalability doesn't just mean growing to accommodate changes as they come — it's also synonymous with survivability. Take the act of adding new software development roles, something any reasonably successful software company is doing a bunch of these days. Every relevant employee or role... READ MORE

How Code Review Best Practices Saved One Company Millions

March 2, 2015

If you've read this blog before, you already understand the security benefits of frequently reviewing code and other vulnerabilities early and often. But implementing code review best practices has other benefits beyond software security. When it comes to the bottom line, it can bring big positives — often without forcing any major changes to company operations. For proof, look no further than... READ MORE

Don't Be a Dinosaur! Try Agile Development Methods Today

February 26, 2015

The internet has revolutionized the world of software. Today's top-selling, pocket-sized gadgets don't have room for USB flash sticks, let alone full-on optical drives — and considering many laptops and desktops now ship sans disc-reading capability, releasing a full software product without digital distribution is like selling a car without wheels. Because of this, the way... READ MORE
