NEWS & INDUSTRY UPDATES

Vulnerabilities found by a researcher in the Venmo payment app could have been exploited to steal money from users
Black Hat organizers updated the conference’s mobile app after researchers discovered several vulnerabilities
A flaw related to how Intel’s Crosswalk handles SSL certificates exposes mobile apps to MitM attacks
Blue Coat has analyzed 15,000 business cloud apps and determined that 99% of them lack enterprise-grade security
Pwnie Express has open sourced Blue Hydra and Android Open Pwn Project (AOPP)
Vulnerabilities in SAP HANA represent a risk to more than 10,000 SAP customers running different versions of the popular business-critical application, Onapsis warns.
The products of many major software vendors could be exposed to attacks due to vulnerabilities in Oracle’s Outside In SDKs
Hooking and injection vulnerabilities in security products allow attackers to bypass exploit mitigations and compromise systems
Samsung has released a new version of its SW Update utility to address a privilege escalation vulnerability
Connected third-party cloud apps can pose a serious risk to enterprises, CloudLock warns

FEATURES, INSIGHTS // Application Security

Michael Callahan: There are several steps companies can take on the server side to identify and disrupt brute force attacks.
Michael Callahan: There’s more than functionality and availability issues ailing Healthcare.gov. There’s significant potential for compromise.
Nimmy Reichenberg: There are numerous financial and operational reasons to make the move to a private, public or hybrid cloud, but you must understand the impact on applications.
Tal Be'ery: In this column, Tal explores the recent trend of hackers abusing the target’s Web application in order to launch an attack on the datacenter.
Michael Callahan: While obscuring website code, server architecture, and security mechanisms doesn’t provide bullet-proof security on its own, it is actually pretty effective.
Nimmy Reichenberg: Critical applications fuel the business, yet oftentimes there is a disconnect between the business requirements and the security policy. Aligning the two will ultimately improve security and allow IT to keep up with the dynamic needs of the business.
Nimmy Reichenberg: Today’s businesses must be able to rapidly adapt to changing market conditions – to support a new venture, merger/acquisition, etc. As business needs change, so too must the underlying security policies.
Marc Solomon: To understand today’s array of threats and effectively defend against them, IT security professionals need to start thinking like attackers.
Mark Hatton: There is a term currently permeating the security industry that distracts everyone from the larger goals at hand of making networks safer, mitigating threats and protecting critical data. The term is hype.
Chris Poulin: If I have to sit through another presentation on information security that opens with the canned two or three slides peddling FUD, I’m going to launch myself across the table and unleash my own brand of FUD on the speaker. It’s not the bad guys who are winning, it’s the alarmists.