Microsoft believes in a fundamental split in security responsibility. The cloud provider is responsible for the physical aspects of the cloud IT infrastructure and the software that it provides. The customer is responsible for its own data. [Read More]
Servers operated by Blizzard Entertainment went down yesterday following a distributed denial of service (DDoS) attack against the video game company,claimed by the Lizard Squad hacking group. [Read More]
One month after announcing that it had issued over one million certificates since opening to the public in December last year, free and open Certificate Authority (CA) Let’s Encrypt has come out of beta. [Read More]
Mobile phone-based two-factor authentication (2FA) mechanisms are plagued by synchronization vulnerabilities that allow attackers intercept One-Time Passwords and bypass the security of many financial services. [Read More]
Aside from tools, there are many types of application security testing that can be used to find vulnerabilities in software. An organization must consider multiple software security testing methods to really manage its risk.
Enterprises should establish security policies with regard to traffic inspection, and implement the right mix of SSL decryption and traffic inspection systems that don’t introduce latency or business disruption.