Data exfiltration, network breach, identity theft, brand defacement... Enterprises are under attack. Traditional security methods have been unable to keep up with hackers in today's changing application environment. The success of improved network security products together with the increased attack surface...
A hot topic among U.S. federal government security managers and other infosec pros is developing a process to vet mobile applications. The National Institute of Standards and Technology is offering a solution called AppVet.
The chief executive of the Finnish company that uncovered the Internet website vulnerability known as Heartbleed says security practitioners should rethink how they approach IT security by placing a greater emphasis on vetting software for vulnerabilities.
A notion emerging from the Heartbleed bug is that organizations can't determine if the vulnerability caused data to be exfiltrated. But CERT's Will Dormann says that may not always be the case.
Increasingly, organizations are seeing attacks migrate from the network to the application level. How can security leaders ensure they are prepared to handle this shift? Kunal Anand of Prevoty offers insight.
Increasingly, organizations are seeing attacks migrate from the network to the application level. How can security leaders ensure they are prepared to handle this shift? Kunal Anand of Prevoty offers insight.
The rise in usage of mobile devices has also come with a commensurate rise in application risk. View this webinar to find out how to make mobile app security a priority and tame the chaos.
With the escalating number and increasing sophistication of cyber attacks, perimeter defenses are no longer enough. Enterprises must ensure application vulnerabilities don't open doors for hackers.
Mainstay surveyed 12 organizations that implemented application vulnerability testing with HP Fortify. Their findings:...
Leading today's RSA Conference 2014 industry news roundup, Thycotic announces RSA survey results, while Freescale Semiconductor announces support for software.
Cisco has launched a new open source initiative focused on application identification, says Scott Harrell, vice president of the company's security business group.
Change is headed your way whether you're prepared or not. DoS/DDoS attacks are the weapon of choice for cyber-hacktivist groups and are increasing in severity and complexity. But don't press the panic button just yet. The 2013 Global Application and Network Security Report provides insight to help detect, mitigate and...
Cyber activists and financially motivated attackers are getting sophisticated - launching prolonged, multivulnerability attack campaigns. No single tool or solution is effective against the broad range of attacks that
target every layer of the IT infrastructure - the network layer, the servers layer and the...
Application white-listing is the number one strategy in Australia's Defence Signals Directorate (DSD) list of 35 Strategies to Mitigate Targeted Cyber Intrusions; it is deemed an essential control. Application white-listing gives administrators visibility and control over applications that are allowed to communicate...
FS-ISAC has issued a white paper with tips on streamlining third-party software risk assessments. One member of a new working group explains why the adoption of standard security controls is so critical.
Most security professionals understand the importance of finding and eliminating application vulnerabilities. Yet, based on the rate of exploitation of vulnerable websites, it appears that web application protections have been neglected, because of underfunding or lack of focus.
Making the argument for better...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.