Application Security

Application Security news, trend analysis and opinion


video

Bringing behavioral game theory to security defenses

Kelly Shortridge and CSO senior writer Fahmida Y Rashid talk about using behavioral game theory to take advantage of hackers’ mistakes and manipulate the data they think they're receiving. People generally make decisions by either...

video

Simple tips to keep your devices secure when you travel

CSO security reporters Fahmida Rashid and Steve Ragan share some easy ways to keep your data and devices secure while traveling, even at the Black Hat conference, where active scanning is the norm. (And check out the built-in Faraday...

video

How the dark web has gone corporate

Some criminals on the dark web are taking their cues from the practices of corporate IT. Illicit offerings run the gamut from code that buyers have to implement themselves to turnkey solutions and consulting services.

video

How DevOps and cloud will speed up security

Zane Lackey, CSO and co-founder of Signal Sciences, talks with CSO senior writer Fahmida Rashid about how DevOps and cloud can help organizations embed security into their technology structures, enabling business to move faster.

video

Stop blaming users for security misses

Does the message to users about security need to change? Or does IT need to rebuild infrastructure so users can worry less about security? Wendy Nather, principal security strategist at Duo Security, talks with CSO senior writer...

How to secure your CMS without patching

In as little as four hours, the bad guys can reverse engineer a software patch for an open-source content management system (CMS) and build an exploit capable of turning millions of websites into spammers, malware hosts or DDoS...

Signal Sciences wants to protect ALL the web

The cybersecurity space is awash with vendors offering discrete solutions. Signal Sciences wants to be the one-stop shop for web security.

Latest OWASP Top 10 looks at APIs, web apps

The new release of the OWASP Top 10 list is out from the Open Web Application Security Project, and while most of it remains the same, there are a couple of new additions, focusing on protections for web applications and APIs.

MasterCard puts a finger on fraud

MasterCard introduces a new credit card that has a fingerprint sensor.

Security certificates gone wrong

Some websites, including one secured by the U.S. Department of Homeland Security, fail in their use of security certificates.

Systemic cybersecurity crisis looms

Executive perception that security is just another cost, bare-bones security measures and growing threats could lead to a cybersecurity crisis.

Twistlock leverages the container opportunity to score big funding

Twistlock touts its container security solution and receives $17 million in Series B funding.

What to ask when selecting application security solutions

Organizations need to determine the right tools to stay relatively risk free. Open source security vendor Black Duck explains why asking these key questions can help you determine the right mix of application tools and capabilities...

How to prevent your mobile app from getting hacked

TriviaCrack may be addicting to users, but criminals are hooked on getting your personal information from other apps you use.

How to protect against cross-site request forgery attacks

Cross-site request forgery (CSRF) attacks are becoming more sophisticated, but there are many ways you can prevent them.

The rising security risk of the citizen developer

Citizen developers may help enterprises to develop apps more quickly, but what is this new breed of developer going to do to enterprise security?

Can AI and ML slay the healthcare ransomware dragon?

Healthcare is well known as “low-hanging fruit” for ransomware attacks. But according to some experts, artificial intelligence and machine learning, as part of a “layered” security program, can make them a much more difficult target.

Authentic8 wants to protect users from bad websites

Authentic8's secure web gateway for Silo lets organizations selectively redirect URLs for safe rendering within an isolated browser.
