Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Cybersecurity startup Threat X, which offers cloud-based web application firewall (WAF) solutions, today announced that it has closed an $8.2 million Series A funding round. [Read More]
Cybercriminals are targeting websites running the Magento platform to inject them with code that can steal credit card data and infect visitors with malware, Flashpoint reports. [Read More]
VMware acquires threat detection and response firm E8 Security. This is the third cloud and security-related acquisition made by VMware in less than two months [Read More]
Drupal announced plans to release a security update for Drupal 7.x, 8.3.x, 8.4.x, and 8.5.x on March 28, 2018, aimed at addressing a highly critical vulnerability. [Read More]
Attackers can use online sandbox services to exfiltrate data from an isolated network, a security researcher has discovered. [Read More]
White hats managed to hack Microsoft Edge, Oracle VirtualBox and Apple Safari on the first day of the Pwn2Own 2018 hacking contest, earning a total of $162,000 [Read More]
Luminate emerges from stealth with $14 million in funding and a platform that secures access to enterprise applications and resources in hybrid cloud environments [Read More]
Biometric authentication firm BioCatch has raised $30 million in new growth financing led by Maverick Ventures. [Read More]
The new and emerging world of artificial intelligence -- that is, algorithms -- promises huge benefits for industry in increased speeds and lower costs; just as it does in the financial markets. [Read More]
Schneider Electric patches vulnerabilities in IGSS automation system, including in SCADA software and mobile applications [Read More]

FEATURES, INSIGHTS // Application Security

rss icon

Jim Ivers's picture
Hackers are human. Hopefully that doesn’t surprise you too much. Being human means that they are subject to human tendencies, like taking the path of least resistance.
Jim Ivers's picture
Aside from tools, there are many types of application security testing that can be used to find vulnerabilities in software. An organization must consider multiple software security testing methods to really manage its risk.
David Holmes's picture
Considering that you can find vendors, startups, and specialists in any of these 28 application security technologies, is it realistic to expect any one person to be a subject matter expert in all of them?
Jim Ivers's picture
Experienced organizations learn that security is not a drag on performance, but can provide productivity gains by eliminating security vulnerabilities early in the development process.
Jim Ivers's picture
Built in or bolted on? When have you ever seen “bolted on” as the first choice of anyone in just about any imaginable scenario? Yet for software security, “bolted on” is certainly the norm.
Jim Ivers's picture
Hackers are creative by nature, so you have to use your imagination to think like one. Once you can see your organization from a hacker’s point-of-view, you will be equipped to defend your organization like a security pro.
Danelle Au's picture
When it comes to SaaS applications versus on-premise, there are three characteristics that define the need for a different approach to data governance, risk management and security in the cloud.
Adam Firestone's picture
Security requirements for information assurance, risk management, and certification and accreditation constrain Government organizations with respect to software allowed on Government networks.
Wade Williamson's picture
As we build more accessible, scalable, and efficient computing models, we likewise open ourselves up to attacks that are likewise more accessible, scalable and efficient.
Danelle Au's picture
Cloud service providers play a key role in delivering security, but as part of the shared responsibility model, they are not liable for access to and usage of the cloud application.