Attackers increasingly focus on software vulnerabilities in what application security expert Anthony Lim calls "the invisible onslaught." How can the CISO exert more control over software development?
Oracle has stopped supporting XP, but promises the next update for Java 7 -- though not Java 8 -- will still run on XP. But for how long will this continue? Security experts chart XP's "downward spiral."
We've been talking about shifting away from legacy mag-stripe technology and a move toward EMV chip cards for the last decade in the U.S. So is it too late, or is there still hope for EMV?
For too long, code writers have been measured on the features built into their applications - not the potential security vulnerabilities. It's time to change that perspective, says Maty Siman of Checkmarx.
The fact that the U.S. federal government would, under some circumstances, exploit software vulnerabilities to attack cyber-adversaries didn't perturb a number of IT security providers attending the 2014 Infosecurity Europe conference in London.
The chief executive of the Finnish company that uncovered the Internet website vulnerability known as Heartbleed says security practitioners should rethink how they approach IT security by placing a greater emphasis on vetting software for vulnerabilities.
A notion emerging from the Heartbleed bug is that organizations can't determine if the vulnerability caused data to be exfiltrated. But CERT's Will Dormann says that may not always be the case.
Increasingly, organizations are seeing attacks migrate from the network to the application level. How can security leaders ensure they are prepared to handle this shift? Kunal Anand of Prevoty offers insight.
The rise in usage of mobile devices has also come with a commensurate rise in application risk. View this webinar to find out how to make mobile app security a priority and tame the chaos.
Leading today's RSA Conference 2014 industry news roundup, Thycotic announces RSA survey results, while Freescale Semiconductor announces support for software.
Cisco has launched a new open source initiative focused on application identification, says Scott Harrell, vice president of the company's security business group.
FS-ISAC has issued a white paper with tips on streamlining third-party software risk assessments. One member of a new working group explains why the adoption of standard security controls is so critical.
Senior leaders in business and government are buying in to the need for more cybersecurity investments as well as threat-intelligence sharing, new research shows. But why are they still struggling to hire the right security pros?
White House Cybersecurity Coordinator Michael Daniel sees significant savings in continuous diagnostics because the automated approach to identifying systems vulnerabilities could replace costly checklist compliance reporting.