Application Security

Application Security | News, how-tos, features, reviews, and videos

The 18 biggest data breaches of the 21st century

Security practitioners weigh in on the 18 worst data breaches in recent memory.

What is SQL injection? How SQLi attacks work and how to prevent them

SQL injection is a type of attack that can give an adversary complete control over your web application database by inserting arbitrary SQL code into a database query.

Secrets of 'shift left' success

The shift left movement is about bringing security into the software development cycle earlier through DevSecOps and other changes, yielding more secure software more quickly and at lower costs.

Reevaluate "low-risk" PHP unserialization vulnerabilities, researcher says

Over nearly a decade, PHP unserialization vulnerabilities have become a popular route for cyber-criminals to plant remote code execution or deliver other malware into systems. But new research, introduced at Black Hat this month,...

Software security: There’s more to it than bug-bounty programs

Take full advantage of white-hat hackers to help you secure your code. And still do all the other security stuff you should do before you release your code.

24 best free security tools

Check out these 24 free, standout software tools that will make your daily security work easier.

How lean development improved software security at Fannie Mae

Continual improvement methodologies strengthen security, shorten dev cycles and help the C-suite see infosec’s value.

Hottest cybersecurity products at RSA 2018

Here's a quick run-down of some of the new products announced at the conference, or shown there for the first time.

6 steps for a solid patch management process

Patch management is simply the practice of updating software – most often to address vulnerabilities. Although this sounds straightforward, patch management is not an easy process for most IT organizations. Here are the steps you need...

5 myths of API security

In light of Panera Bread’s API-related data breach, here's what is — and isn’t — true about protecting application programming interfaces.

Why Google partnered with MobileIron – and what they plan to offer

Google will use MobileIron's enterprise mobility management platform and analytics software to create App Store-like instances that can be offered through telecom providers.

What is DevSecOps? Developing more secure applications

DevSecOps is about introducing security earlier in the life cycle of application development, thus minimizing vulnerabilities and bringing security closer to IT and business objectives.
