Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Google researcher Tavis Ormandy has identified critical remote code execution vulnerabilities in Trend Micro’s Password Manager [Read More]
Microsoft has improved Edge security by blocking the injection of components and drivers that are not signed. [Read More]
Attacks designed to compromise users and steal sensitive data are increasing in magnitude and velocity as cybercriminals leverage automated tools to attack at scale. [Read More]
Hackers breached the systems of anti-adblocking service PageFair and used the access to deliver malware [Read More]
Netflix this week released an in-house developed tool for discovering cross-site scripting (XSS) vulnerabilities in applications and for scanning secondary software programs for potential XSS flaws. [Read More]
Web browser vendors are limiting Flash content so Amazon has decided not to accept Flash ads for Amazon.com starting with September 1. [Read More]
Facebook’s new Security Checkup tool for desktop is now available globally. Mobile version coming soon. [Read More]
Gigamon launched its GigaSECURE platform that was designed to give enterprises extensive visibility into network traffic, users, applications and suspicious activity. [Read More]
While container adoption is likely to surge over the next few years, concerns around security, certification and adequate skills remain, according to a recent survey commissioned by Red Hat. [Read More]
Google has decided to allow the installation of Chrome extensions only from the Chrome Web Store. The policy will soon be enforced on all channels of the web browser. [Read More]

FEATURES, INSIGHTS // Application Security

rss icon

Jim Ivers's picture
Experienced organizations learn that security is not a drag on performance, but can provide productivity gains by eliminating security vulnerabilities early in the development process.
Jim Ivers's picture
Built in or bolted on? When have you ever seen “bolted on” as the first choice of anyone in just about any imaginable scenario? Yet for software security, “bolted on” is certainly the norm.
Jim Ivers's picture
Hackers are creative by nature, so you have to use your imagination to think like one. Once you can see your organization from a hacker’s point-of-view, you will be equipped to defend your organization like a security pro.
Danelle Au's picture
When it comes to SaaS applications versus on-premise, there are three characteristics that define the need for a different approach to data governance, risk management and security in the cloud.
Adam Firestone's picture
Security requirements for information assurance, risk management, and certification and accreditation constrain Government organizations with respect to software allowed on Government networks.
Wade Williamson's picture
As we build more accessible, scalable, and efficient computing models, we likewise open ourselves up to attacks that are likewise more accessible, scalable and efficient.
Danelle Au's picture
Cloud service providers play a key role in delivering security, but as part of the shared responsibility model, they are not liable for access to and usage of the cloud application.
Danelle Au's picture
Enterprises can gain tremendous competitive advantages by having IT focus on the things that matter – users and information rather than infrastructure maintenance and building.
Danelle Au's picture
As SaaS adoption grows, so do the security concerns. But there is so much confusion around SaaS security that many enterprises are focusing on the wrong problems. Here are the three biggest myths when it comes to SaaS security...
Wade Williamson's picture
While free tools aren’t the answer for every problem, they probably should be a part of your security toolkit. Even better, they can provide an easy way to learn about new security technologies and provide your team with hands-on experience.