Application Security

Application Security news, information, and how-to advice

This tool can help weed out hard-coded keys from software projects

Truffle Hog can find access tokens and keys that are 20 characters or longer inside source code repositories

MongoDB ransomware attacks sign criminals are going after servers, applications

Ransomware is lucrative, and attackers looking for new ways to extort enterprises are going after data stored on web and app servers, even SaaS apps

Why companies offer a hacking bounty -- and why there are challenges

Major companies like Apple, Uber, and Yelp regularly offer bounties -- some as high as $200,000 -- but there can be drawbacks

Exposed MongoDB installs being erased, held for ransom

Administrators should check their MongoDB deployments before they’re wiped clean

The outlook of application security in 2017

Educated guesses about the direction of application security and secure development, based on how code has changed over the last year

Remote management app exposes millions of Android users to hacking

Man-in-the-middle attackers could exploit an AirDroid flaw to execute malicious code on devices

CERT to Microsoft: Keep EMET alive

A Windows system with the Enhanced Mitigation Experience Toolkit properly configured is more secure than a standalone Windows 10 system, says CERT

The solution for IoT security might be simpler than you think

What to do about the systemic risk of IoT devices that spawned the Mirai Botnet

Rust language revs up compiler speed

Rust 1.13 is out, but it's marred by a 'serious' bug in ARM code generation

Linux Foundation doubles down on support for tamper-free software

The Reproducible Builds Project is designed to ensure binaries built from open source projects have not been tampered with

Adobe fixes flaws in Flash Player and Adobe Connect

The Flash Player patches address nine critical vulnerabilities

Cybersecurity Awareness Month: Shedding light on application security

Debunking application security fallacies for Cybersecurity Awareness Month

Flaw in Intel CPUs could help attackers defeat ASLR exploit defense

A feature in Intel's Haswell CPUs can be abused to reliably defeat an anti-exploitation technology that exists in all major operating systems, researchers have found.

The era of nine-digit defects

For big business, IT and software risk can result in nine-digit defects. These are the massive outages we read about in the news that cause big consumer headaches and sometimes cost CTOs, CIOs and CEOs their jobs. Better adherence to...

12 hardware and software vulnerabilities you should address now

Hardware and software that live past their end-of-life dates pose serious risks to organizations. Find out which assets you should update, upgrade, or replace ASAP

Security for your collaborative software

Collaborative apps like Slack and Convo are like a sieve, but no one quite knows what to do about it

Microsoft opens up its 'million dollar' bug-finder

Project Springfield, which includes Microsoft's in-house testing technology for Windows and Office apps, uses whitebox fuzzing technology to sniff out flaws that could lead to crashes

What’s in your code? Why you need a software bill of materials

When developers and suppliers carefully list the tools used to build an application and what third-party components are included, IT can improve software patching and updates
