
NEWS & INDUSTRY UPDATES

Hackers launched a two-stage attack against BIPS to steal more than US$1 million worth of bitcoins.
CipherPoint identifies, secures and audits applications and Web applications. SecurityWeek sat down with CEO Mike Fleck to discuss the security startup.
WhiteHat Security announced support for analyzing source code written using PHP programming language within its static code analysis solution.
Please Join us for an Interactive Security Happy Hour Event on Wednesday in Washington, D.C.
Cigital on Wednesday announced the fifth major release of the Building Security In Maturity Model (BSIMM) study, which collected data from 67 security initiatives at organizations around the world.
Please join Trend Micro and SecurityWeek on Wednesday, Oct. 30th at Neptune's Waterfront Grill & Bar in San Francisco for an interactive security event with great food and open bar!
DB Networks has introduced a new security appliance that provides an Intrusion Detection System (IDS) specifically designed to detect and block SQL injection attacks.
Please join Trend Micro and SecurityWeek this week in Minneapolis or Atlanta for a free security seminar along with food and open bar!

FEATURES, INSIGHTS // Application Security

Marc Solomon:
To understand today’s array of threats and effectively defend against them, IT security professionals need to start thinking like attackers.
Mark Hatton:
There is a term currently permeating the security industry that distracts everyone from the larger goals at hand of making networks safer, mitigating threats and protecting critical data. The term is hype.
Chris Poulin:
If I have to sit through another presentation on information security that opens with the canned two or three slides peddling FUD, I’m going to launch myself across the table and unleash my own brand of FUD on the speaker. It’s not the bad guys who are winning, it’s the alarmists.
Ryan Naraine:
Immunity Inc. CEO and veteran hacker Dave Aitel talks about his early days in the security space, his argument against security awareness training, why Chris Soghoian is wrong on the exploit sale controversy and his own Brazilian Jiu-Jitsu game tactics.
Tal Be'ery:
Organizations should always assume third party code—coming from partners, vendors, mergers and acquisitions—is vulnerable, and take relevant precautions.
Tal Be'ery:
Tal explains the technical details behind recent Ruby on Rails vulnerabilities and shows how web applications’ administrators can avoid these and similar problems with some proper system hardening.
Avi Chesla:
The following predictions may help change these static roles, and allow you to look ahead at the upcoming threat trends to proactively plan your defense strategy.
Nimmy Reichenberg:
Application vulnerabilities are a prime vector for attacks. But one aspect of securing enterprise applications, often overlooked and almost always poorly handled in organizations, is securing application connectivity!
Alan Wlasuk:
Every statistic indicates your website has probably been hacked already, and if it hasn’t already been, it will soon be. You won’t be aware of it until someone outside points it out to you.
Noa Bar-Yosef:
Foresight is a Web application security company which provides a new type of technology as the front line of Web protection. I sat down with co-founder and CTO Israel Ragutski to chat on entrepreneurship and this new offering.