Application security and coding requirements
Infographic: 5 ways to achieve a risk-based security strategy
Learn five steps for implementing a risk-based security strategy that naturally delivers compliance as a consequence of an improved security posture.
News : Application security and coding requirements
-
December 05, 2019
05
Dec'19
Aviatrix VPN vulnerability left user endpoints wide open
Immersive Labs has disclosed a serious vulnerability in VPN supplier Aviatrix’s enterprise client that could have granted hackers elevated user privileges across enterprise targets
-
December 02, 2019
02
Dec'19
Top Android apps at risk from StrandHogg vulnerability
Researchers at Promon say all of the 500 most-downloaded Android apps are at risk from a newly discovered vulnerability
-
November 25, 2019
25
Nov'19
Uber app exploit posed safety risk to passengers
A flaw in Uber’s system meant thousands of trips in London were taken with unauthorised drivers at the wheel
-
November 19, 2019
19
Nov'19
Macy’s Magecart breach presages Christmas fraud spike
US retailer Macy’s admits some customer data was accessed by unknown actors during a week-long Magecart attack
In Depth : Application security and coding requirements
-
Vulnerability assessment done. Now what?
Vulnerability assessment establishes the current state of an organisation’s cyber security, but to meet industry best practices, companies should go beyond that to achieve continuous improvement Continue Reading
-
Debugging bug bounty programmes
Bug bounty programmes have recently become a popular method of vulnerability management, but poor programme management can lead to development teams becoming overwhelmed and bugs being missed Continue Reading
-
A guide to choosing cloud-based security services
Cloud-based security services can help organisations with a growing cloud footprint to reduce cost and address the manpower crunch in cyber security Continue Reading
Blog Posts : Application security and coding requirements
-
How To Save IT From Drowning In Its Own Self-Containerised World (and other stories)
Anyone out there right now could be more than excused for thinking we're drowning in security start-ups; too many "me too" vendors trying to resolve the same perceived problems - niche or broad. ... Continue Reading
-
App users in developing APAC prefer convenience over security
By Kimberly Chua Mobile app users in developing Asia-Pacific (APAC) countries prefer convenience over security, signaling a potential rift between companies and users, a new F5 Networks study has ... Continue Reading
-
Spectre of IT vulnerability looms large
In some ways the Meltdown and Spectre flaws represent a risk that goes to the very heart of computing. This microprocessor flaw has resulted in major network, server, PC and mobile hardware firms ... Continue Reading
Opinion : Application security and coding requirements
-
Security Think Tank: In-depth protection is a matter of basic hygiene
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
Security Think Tank: Proper segregation is more important than ever
What are the security benefits and challenges of segregating IT environments, and how best are these challenges overcome? Continue Reading
-
eIDAS and the EU’s mission to create a truly portable identity
It is important for businesses to work more actively with technology partners, regulators and governments to create more robust identity verification processes Continue Reading
Videos : Application security and coding requirements
-
CW500 Interview: Jonathan Moreira, CTO of PrimaryBid.com
In this CW500 video, Jonathan Moreira, CTO of PrimaryBid.com, gives a fintech startup’s perspective on the security challenges small businesses can face when adopting new technologies.
-
Lauri Love: how reformed hackers halted the WannaCry virus
Lauri Love presents a compelling story of the WannaCry malware that nearly brought down the NHS, and the behind the scenes work of former hackers, and security researchers that helped to prevent lives being lost. Love is facing extradition to the US after allegedly taking part in a hacking protest over the death of internet pioneer Aaron Swartz, who faced jail for using a hidden computer to downloading academic journals at MIT.
-
CW500 Video: Identity and access management - KPMG
In this CW500 video, Martijn Verbree, Director of Information Protection, KPMG, discusses the growing challenges of expanding access management to third parties and avoiding the potential pitfalls.