Tech Center Application Security
Dark Reading's Application Security Tech Center offers breaking news and analysis on the latest threats, vulnerabilities, and new technological defenses for today's business applications. Written for security, IT, and business professionals, the Application Security Tech Center is designed to provide in-depth information and perspective on practices and technologies for securing and defending enterprise software, as well as breaking news on new threats that affect business and Web applications.
Featured Commentary
-
Tim WilsonDark Reading Launches New Tech Center On Application Security
New Dark Reading subsite will offer news, analysis, and commentary on application security issues.
News
-
Controlling The Risks Of Vulnerable Application Libraries
Libraries are easier to use than ever, but they're piling on more risk to the development process
-
Strategies For Improving Web Application Security
Web apps are essential to your business -- and easy targets for hackers. Here are some tips for keeping them secure
-
Secure Software Standard In The Spotlight
Microsoft, among others, sees ISO application security standard as a way to spark widespread adoption of secure development programs
-
SAFECode Launches Software Security Training Program For Enterprises
Free curriculum will help businesses build software security training programs in-house, SAFECode says
-
Erase The Line Between QA Defects And Security Flaws?
Is a defect a defect by any other name? Some testing advocates push for industry to stop segregating security from the rest of quality testing categories
More Stories
- Websites Harbor Fewer Flaws, But Most Have At Least One Serious Vulnerability
- LivingSocial Says Cyberattack Puts Data Of 50 Million Customers At Risk
- How To Stop Making Excuses For Poor Application Security Testing
- Java's Security Renaissance Begins
- Taking Steps To Stop Software Sabotage
By The Numbers
App Sec Not A Team Effort
Among enterprises, fewer than a quarter of them would say that application security is a team effort between the security team, development team and QA team.
Source: InformationWeek 2012 Application Security Survey
Commentary
-
Dark Reading Launches New Tech Center On Application Security
By Tim Wilson
New Dark Reading subsite will offer news, analysis, and commentary on application security issues
-
Identity Versus Authentication
Distinguishing between identity and authentication
-
How I've Become One With The Rest Of The World
By Marisa Fagan
I'm not quitting the security game, but I want to get experience outside of the choir
-
Monitoring Challenges For NERC/FERC Environments
By Andrew Hay
Many vendors claim to be entrenched within NERC and FERC regulated critical infrastructure clients, but few understand where the real goldmine of data resides
Around the Web
Dark Reading Reports
-
Strategies for Improving Web Application Security
Web applications are fraught with risk, but for most companies, not having them is not an option. They're just too important to customers and to the business. In this Dark Reading report, we recommend some best practices for balancing the needs of the business with security requirements. It doesn't take special certification or a million dollars, but it does take planning, time, and a smart combination of tools and best practices.
-
Tools and Strategies for File-Level Data Protection
There is nothing in the enterprise that warrants protection more than data, but security pros all too often focus more on perimeter security. This may be because it can be more challenging to secure data, but once data is locked down, any compromises to the networks and servers that transport and house it almost don't matter. In this Dark Reading report we recommend several ways that security pros can effectively ensure that data is kept from prying eyes.
-
Insecurity with Java
In the wake of a zero-day vulnerability being exploited by multiple active attacks, IT teams wait for Oracle to respond. Again. Here's how to keep your systems safe, but meanwhile, start considering: Does Java's popularity as an attack vector vs. its diminishing functionality make permanently disabling plug-ins a smart idea?
Related Content
-
Detecting and Blocking Site Scraping Attacks
Site scraping attacks range from harmless data collection for personal research to calculated, repeated data harvesting used to undercut competitor's prices or to illicitly publish valuable information. Site scraping can undermine victims' revenues and profits by siphoning off customers and reducing competitiveness. This paper investigates various types of scraping attacks, site scraping tools, and effective techniques to detect and stop future attacks.
-
How SEEK Prevents Competitors from Scraping Website Content with Imperva
SEEK, Australia's number one job site, prevents competitors from scraping Website content with Imperva SecureSphere. This video case study shows how Imperva's SecureSphere Web Application Firewall safeguards SEEK's Website from site scraping and Web application attacks.
-
Cutting the Cost of Application Security: An ROI White Paper
Web application attacks can result in devastating data breaches and application downtime, costing companies millions of dollars in fines, brand damage, and customer turnover. This white paper illustrates how Imperva's SecureSphere Web Application Firewall provides a Return on Security Investment of 2090% by preventing data breaches and Website downtime.
-
Botnets at the Gate: Stopping Botnets and Distributed Denial of Service Attacks
Botnets have infiltrated millions of users' computers and wrecked incalculable damage. This white paper lifts the veil on botnets and on the cyber-criminals behind them. It analyzes the history, growth, and economics behind botnets. It then investigates one of the most common attacks executed by botnets: the Distributed Denial of Service (DDoS) attack.
-
Hacker Intelligence Summary Report: The Anatomy of a Hacktivist Attack
Imperva witnessed a recent hacktivist attack that lasted for 25 days. Our observations give insight into hacktivist attack methods and an examination of how social media enables recruitment and attack coordination. Understanding how hacktivists operate will help organizations prepare for a future attack.
Free Research and Reports
Whitepapers
Upcoming Events
Dark Reading Digital Magazine
In This Issue
- The Future Of Web Authentication: Password technology is out of steam. We need safer ways to prove who's who online.
- Rethink ID Management: If the technology continues to improve, it might soon be OK for all of us to be one person on the Web.