Application Security

Application Security news, trend analysis and opinion

veterans fill cybersecurity gap
Arlo Go Netgear

dns world

Signal Sciences wants to protect ALL the web

The cybersecurity space is awash with vendors offering discreet solutions. Signal Sciences wants to be the one-stop shop for web security.


Latest OWASP Top 10 looks at APIs, web apps

The new release of the OWASP Top 10 list is out from the Open Web Application Security Project, and while most of it remains the same there are a couple of new additions, focusing on protections for web applications and APIs

mastercard fingerprint sensor

MasterCard puts a finger on fraud

MasterCard introduces a new credit card that has a fingerprint sensor.

cybersecurity shield and gear image

Security certificates gone wrong

Some websites, including one secured by the U.S. Department of Homeland Security, fail in their use of security certificates.

human weak link cybersecurity primary

Systemic cybersecurity crisis looms

Executive perception that security is just another cost, implementing bare bones security measures and growing threats could lead to a cybersecurity crisis.

containers on barge

Twistlock leverages the container opportunity to score big funding

Twistlock touts its container security solution and receives $17 million in Series B funding.

1 buying decision

What to ask when selecting application security solutions

Organizations need to determine the right tools to stay relatively risk free. Open source security vendor Black Duck explains why asking these key questions can help you determine the right mix of application tools and capabilities...

1 app hacked

How to prevent your mobile app from getting hacked

TriviaCrack may be addicting to users, but criminals are hooked on getting your personal information from other apps you use

internet security privacy

How to protect against cross-site request forgery attacks

Cross-site request forgery (CSRF) attacks are becoming more sophisticated, but there are many ways you can prevent them.

datarescue matt jones1 100713820 orig

The rising security risk of the citizen developer

Citizen developers may help enterprises to develop apps more quickly, but what is this new breed of developer going to do to enterprise security?

dragon statue head

Can AI and ML slay the healthcare ransomware dragon?

Healthcare is well known as “low-hanging fruit” for ransomware attacks. But according to some experts, artificial intelligence and machine learning, as part of a “layered” security program, can make them a much more difficult target.

green illustration of man and cybersecurity icons

Authentic8 wants to protect users from bad websites

Authentic8's secure web gateway for Silo lets organizations selectively redirect URLs for safe rendering within an isolated browser.

best password managers 1

Is it crazy to be afraid of password managers?

Password managers help users have strong, unique passwords for all their web services. But what happens when the password manager gets hacked?

manometer measure pressure

What makes a good application pen test? Metrics

Research from application security crowd testing and bug bounty program provider Cobalt attempts to define what enterprises could measure to improve results

email encryption

Top 5 email security best practices to prevent malware distribution

With email representing an open, trusted channel that allows malware to piggyback on any document to infect a network, it’s often up to the organizations – their security teams and employees – to adopt appropriate security strategies...

internet security privacy

Information security in an insecure world

A guide for current and aspiring CTOs about the process of securing your data and platforms and receiving security certification

green illustration of man and cybersecurity icons

Smyte wants to get biblical on all those bad online actors

Smyte wants to do some biblical-level smiting of its own and strike down credit-card fraud, scams, spam and other devious online activities.


Now WikiLeaks threatens to disclose software vulnerabilities

One WikiLeaks disclosure condition is similar to Google’s: Companies must patch software vulnerabilities with in 90 days.

Load More