NEWS & INDUSTRY UPDATES

Imperva issued a threat advisory for a code injection vulnerability in PHP (CVE-2012-1823).
Trustwave has acquired Cenzic, Inc., a maker of application security testing solutions, for an undisclosed sum.
Qualys said its QualysGuard Web Application Firewall (WAF) service for web applications running in Amazon EC2 and on-premise is now available.
Mocana, a provider of security solutions for embedded and mobile devices, introduced Mocana Atlas Extended Enterprise Engine, a new appliance designed to simplify and secure enterprise mobile app deployments.
When it comes to securing a Linux machine, the answer is not installing an antivirus or some other security software. The key lies in hardening the operating system.
WhiteHat Security announced that Jeremiah Grossman, company founder, has accepted the Board of Directors' offer to lead the company as its interim CEO following the resignation of former CEO Stephanie Fohn.
Shape Security has launched a new class of security appliance designed to protect websites against cyber attacks stemming from malware and bots.
In this white paper you will learn about the various considerations for defending mobile applications—from the mobile application architecture itself to the myriad testing technologies.
Keeping to tradition, SecurityWeek invited security experts to weigh in on New Year's resolutions for improving information security and how organizations can better develop new habits in 2014.
Brinqa provides a risk analytics platform that serves as a solution to the enterprise big data and risk management dilemma. SecurityWeek sat down with President and Co-founder Hilda Perez to discuss the security startup.

FEATURES, INSIGHTS // Application Security

Tal Be'ery: Organizations should always assume third party code—coming from partners, vendors, mergers and acquisitions—is vulnerable, and take relevant precautions.
Tal Be'ery: Tal explains the technical details behind recent Ruby on Rails vulnerabilities and shows how web applications’ administrators can avoid these and similar problems with some proper system hardening.
Avi Chesla: The following predictions may help change these static roles, and allow you to look ahead at the upcoming threat trends to proactively plan your defense strategy.
Nimmy Reichenberg: Application vulnerabilities are a prime vector for attacks. But one aspect of securing enterprise applications, often overlooked and almost always poorly handled in organizations, is securing application connectivity!
Alan Wlasuk: Every statistic indicates your website has probably been hacked already, and if it hasn’t already been, it will soon be. You won’t be aware of it until some outsider points it out to you.
Noa Bar-Yosef: Foresight is a Web application security company which provides a new type of technology as the front line of Web protection. I sat down with co-founder and CTO Israel Ragutski to chat on entrepreneurship and this new offering.
Alan Wlasuk: You’re not going to solve all of your security problems in the next 30 days, but you can and should fix the big ones, those Bluebirds that make it easy for hackers to kill your company.
Chris Hinkley: There are numerous steps you can take to uphold the security of your site in order to help protect against CSS attacks. Start by ensuring that your application is coded in a way to eliminate these attack vectors.
Alan Wlasuk: As IT security becomes a major focus in our world, it is essential that corporations and development companies alike demand web application security at the contractual level.
Marc Solomon: Similar to how the Industrial Revolution created faster, better and more efficient sectors of the economy, so too is the Industrialization of Hacking creating a faster, more effective and more efficient sector profiting from attacks on our IT infrastructure.