VerAfied Feature – Security: the ugly secret at the heart of #eventtech?

This blog post was originally published by GenieConnect at http://www.genie-connect.com/blog/security-the-ugly-secret-at-the-heart-of-eventtech. GenieConnect joined the ranks of our VerAfied secure software directory in June of this year using our static binary analysis service. We’re excited to see and supportive of GenieConnect’s decision to make the security of their software and users a priority. If you’re short of […]

Just Another Web Application Breach

Another day, another web application breach hits the news. This time ITWorld reports Hackers steal user data from the European Central Bank website, ask for money. I can’t say that I’m surprised. Although vulnerabilities (SQL Injection, cross-site-scripting, etc.) are easy for attackers to detect and exploit, they are still very common across many web applications. […]

For Java: I Patch, Therefore I Am?

Oracle’s Java platform is so troubled the question is whether to patch it, or kill it off. Oracle Inc. released its latest Critical Patch Update (CPU) on Tuesday of last week, with fixes for 113 vulnerabilities spread across its product portfolio, including 29 for Oracle’s Fusion Middleware, and 20 for the troubled Java platform. The […]

Introduction, or How Securing the Supply Chain is like “Going Green”

Application security is, as any practitioner will tell you, a hard technical and business problem unlike any other. The best advice for successfully securing software is usually to avoid thinking about it like any other problem — software security testers are not like quality assurance professionals, and many security failures arise when developers think conventionally […]

Is It Time For Customs To Inspect Software?

The Zombie Zero malware proves that sophisticated attackers are targeting the supply chain. Is it time to think about inspecting imported hardware and software? If you want to import beef, eggs or chicken into the U.S., you need to get your cargo past inspectors from the U.S. Department of Agriculture. Not so hardware and software […]

Video Survey: What Would You Do with a Monster in Your Corner?

In our final video survey installment as part of the Future of AppSec Series, we talk about the idea of having a “Monster in Your Corner”. Application security often feels like a massive intractable problem, the sort of problem that requires a really big friend to help you solve, or in our thinking – a […]

Truth, Fiction and a 20 Year Old Vulnerability

The impact of a 20 year old flaw in the LZ4 is still a matter of conjecture. The moral of the story isn’t. What were you doing in 1996? You remember ’96, right? Jerry Maguire, Independence Day and Fargo were in the theaters. Everybody was dancing the “Macarena”? In the technology world, 1996 was also […]

Applications are Growing Uncontrollably and Insecurely

This year I’m working with IDG to survey enterprises to understand their application portfolio, how it’s changing and what firms are doing to secure their application infrastructure. The study found that on average enterprises expect to develop over 340 new applications in the 12 months. As someone that has been working in and around the […]
