Application security and coding requirements

Opinion 20 Dec 2025
Will Quantum Computing Kill Bitcoin?

Claims that Quantum Computing will destroy Bitcoin may be exaggerated, but Bitcoin will need to adapt. Continue Reading
News 18 Dec 2025
AI safeguards improving, says UK government-backed body

Inaugural AI Security Institute report claims that safeguards in place to ensure AI models behave as intended seem to be improving Continue Reading
By
- Alex Scroxton, Security Editor

Tip 09 Oct 2012
Vulnerabilities in JavaScript: Secure coding insights and tips

JavaScript vulnerabilities are on the rise in India with the entry of HTML5 and faster JavaScript engines. Here are some key problem areas along with antidotes. Continue Reading
By
- Lavakumar Kuppan, Contributor
Feature 17 Sep 2012
Static code analysis tools gain traction in India as SDL models mature

Static analysis tools are gaining popularity with Indian companies as software development models and perspectives mature. Here are some popular choices. Continue Reading
By
- Varun Haran, Reporter
Video 24 May 2012

Screencast: Employ the FOCA tool as a metadata extractor

Mike McLaughlin demos the FOCA tool as a metadata extractor to expose the 'hidden' data users often post on their own websites. Continue Reading
News 18 May 2012
MDM, security vendors scramble to address BYOD security issues

Organisations are looking beyond NAC and MDM to resolve BYOD security issues; MDM, security and hybrid vendors are responding with new products. Continue Reading
By
- Tracey Caldwell, Contributor
News 24 Apr 2012
Investigation reveals serious cloud computing data security flaws

Context Information Security found that data stored by a cloud customer could be accessed by the next customer to spin up a VM on the same disk. Continue Reading
By
- Ron Condon
Photo Story 29 Mar 2012
Sandboxing for secure app development: Adobe Reader’s 'protected view'

As sandboxing emerges as an answer to legacy codebases with multiple vulnerabilities, we look at the components of Adobe Reader X’s sandbox. Continue Reading
By
- Disha Agarwal, Contributor
Tutorial 27 Mar 2012
Exploit writing tutorial: Part 1

In the first part of our exploit writing tutorial, we take a look at the fine art of vulnerability discovery, fuzzing and usable techniques. Continue Reading
By
- Karthik Poojary, Amazon
Answer 05 Mar 2012
Session fixation protection: How to stop session fixation attacks

Session fixation attacks rely on poorly managed Web application cookies. Rob Shapland answers a reader’s question on session fixation protection. Continue Reading
By
- Rob Shapland
News 24 Feb 2012
Windows security case study: Controlling Windows 7 user privileges

After migrating from Windows XP to Windows 7, Oxford University Press used Avecto’s Privilege Guard to control Windows 7 user privileges. Continue Reading
By
- Ron Condon
News 08 Feb 2012
Web application vulnerability statistics show security losing ground

New Web application vulnerability statistics show the number of vulnerabilities is rising, despite the use of Web application development frameworks. Continue Reading
By
- Ron Condon
News 03 Feb 2012
Microsoft spurs Browsium to rewrite tool for running IE6 on Windows 7

Microsoft has spurred Browsium to rewrite its tool for running IE6 on Windows 7, limiting the security threat posed by continued use of IE6. Continue Reading
By
- Ron Condon
Tutorial 23 Jan 2012
Burp Suite Tutorial: Part 2 – Intruder and repeater tools

Our Burp Suite tutorial’s second part covers intruder and repeater. Use this Burp Suite tutorial to customize attacks on Web apps via SQLi and XSS bugs. Continue Reading
By
- Karthik Poojary, Amazon
Tip 19 Dec 2011
Segregation of duties: Small business best practices

Segregating duties can be tough in organisations that have few staff members and resources. Get duty segregation best practices for SMBs. Continue Reading
By
- Michael Cobb
News 05 Dec 2011
Concerned about tablet security issues? Some are, others not so much

Users love their tablets, but security pros are concerned about tablet security issues. However, though tablets bring new threats, not everyone is ringing the alarm. Continue Reading
By
- Ron Condon
News 04 Aug 2011
Missing USB drive, found in pub, contained unencrypted data

The ICO says two housing groups must improve data security after a contractor’s missing USB drive, containing unencrypted data, was found in a pub. Continue Reading
By
- Ron Condon
Tip 13 Jul 2011
SAP security tutorial: Top 10 SAP security implementation steps

Implementing SAP software securely isn't only the job of SAP specialists; the entire IT department has a role to play. Learn the top ten steps to a secure SAP implementation. Continue Reading
By
- Richard Hunt, Turnkey Consulting
News 06 Jul 2011
Network security case study: College’s NAC virtual appliance makes grade

Wellington College’s network security case study explains how a NAC virtualization appliance blocks malware and provides increased capacity on demand. Continue Reading
By
- Ron Condon
News 25 May 2011
Virtual desktop benefits include tighter security, hot desking

With the help of hot desking and other virtualisation technologies, the Basildon Borough Council was able to centralise its security administration and reduce its number of desks by more than 30%. Continue Reading
By
- Ron Condon
News 20 Apr 2011
Shutting down a botnet, US Government disables Coreflood

Coreflood, a botnet almost ten years old, has been taken down by the FBI and US Department of Justice by obtaining permission to hijack the command and control servers and send a 'stop' command to infected PCs. Is this overstepping the privacy line? Continue Reading
By
- Stephen Gillies
Tip 19 Apr 2011
Secure SDLC best practices

While focus on technicalities is a given during the SDLC, this tip explains how to secure the SDLC, from the analysis phase right through to deployment. Continue Reading
By
- Puneet Mehta, SDG
Tutorial 22 Feb 2011

Information security tutorials

SearchSecurity.co.uk's tutorials offer a variety of online information security training courses you can take on your own time at your own pace specifically for UK readers. They are designed to arm you with the foundational and tactical information you need to deal with the increasingly challenging job of keeping your organization's information secure. Continue Reading
Tip 17 Nov 2010
How to use the Microsoft FCIV command-line checksum tool

Downloading files from the Internet always poses a risk, but there are strategies that can make the process more secure. In this tip, Michael Cobb explains how to use the Microsoft FCIV tool to check the hash values of downloaded files and create hashes and checksums of you own. Continue Reading
By
- Michael Cobb
Answer 08 Sep 2010
Dynamic code analysis vs. static analysis source code testing

Managing vulnerabilities involves a wide array of security testing, including both dynamic and static source code analysis. Learn how the two differ, as well as how they are performed in this expert response. Continue Reading
By
- Richard Brain
Answer 28 Apr 2008
What are the dangers of using Facebook, other social networking sites?

Ken Munro discusses the dangers associated with allowing employees to access social networking sites such as Facebook, and explains how corporations can avoid these risks by monitoring the information placed in employee profiles and using email filters. Continue Reading
By
- Ken Munro