Weekly News Roundup

Lawyers smartening up with cybersecurity: “Lawyers Get Vigilant on Cybersecurity” by Jennifer Smith. Law firms are now beginning to see an increasing number of cyber attacks. With the use of mobile devices to handle deals and other confidential matters, firms are now starting to smarten up and lock down. Lawyers are being asked to encrypt messages, avoid […]

SQL Injection – The Many Flavors of AppSec

It’s Thursday again, so that means it is time for the third drink recipe in our series “The Many Flavors of AppSec”. Over the past two weeks you’ve got to indulge in our Anonymous and AppSec in the Cloud cocktails. This week we present the SQL Injection Shot!

Is the Flame Virus losing its heat?

Hi everyone, today we present an opinion piece from Ed Jones of Firebrand Training. In this post Ed discusses the “Flame” virus. I hope you enjoy this quick read!

SQL Injection Explained

Check out this video with Veracode Security Researcher Fred Owsley discussing SQL Injection. SQL Injection is a type of web application security vulnerability in which an attacker is able to submit a database SQL command which is executed by a web application, exposing the back-end database. Fred explains how SQL Injection occurs and what you can do to protect your data from a SQL Injection attack. The video can be viewed below, enjoy! For your convenience we have also transcribed the video.

Insecure Cryptographic Storage Explained

We recently recorded Veracode Security Researcher Chris Lytle discussing Insecure Cryptographic Storage. Insecure Cryptographic Storage is a common vulnerability that occurs when sensitive data is not stored securely. Protecting sensitive data by encrypting it should be a key step in a Secure Software Development Lifecycle. In this video Chris describes what Insecure Cryptography is and explains the impact of Insecure Cryptographic Storage Flaws.

Broken Logic – Avoiding the Test Site Fallacy

Dynamic Application Security Testing (DAST) has become an integral part of the SDLC in most organizations today. DAST tool vendors demonstrate their tools by allowing prospects to scan test sites so they can see how the scanner works and the reports generated. We recently featured a webinar from Veracode Senior Security Researcher, Isaac Dawson, on […]

Weekly News Roundup

Happy Friday everyone! There has been a lot of news involving breaches and their effects this week, so here’s our wrap of this week’s events! It’s only June, and there have already been 189 breaches this year: “The Worst Data Breaches of 2012 (So Far)” by Ellen Messmer. This slideshow highlights the 15 most significant data […]

AppSec in the Cloud – The Many Flavors of AppSec

The weekend is nearing again, so that means it’s time for another flavor of AppSec recipe! With the summer heat arriving in Boston this week, we’re all in need of a refreshing new drink. Today we present AppSec in the Cloud. This is the second recipe in our series “The Many Flavors of AppSec”. For anyone who missed last week’s post – The Anonymous cocktail – the recipe can be found here.
