The importance of OAuth 2.0

“There’s an app for that,” but not all apps are created equal. Users expect there to be an endless number of applications to make their lives easier, but they forget to take into account what kind of security measures those applications provide. In addition, these applications and services often connect to other applications and services, … continue reading

Bugcrowd: Young cybersecurity professionals are turning to bug hunting

Hackers are getting an earlier start when it comes to bug hunting careers, according to a new report. Bugcrowd has released its second annual report, Inside the Mind of a Hacker 2.0, which details the demographics and motivations of the bug hunting community. The report found that bug bounty programs are up more than 77 percent … continue reading

How your security budget helps hackers win

When a single breach can cause untold damage to your business, from millions in losses to reputational damage, operational disruption, and lost trust, you want to align your security budget with the actual threats you face. So why does the typical company allocate less than 3% of its security budget to application security—when a full 30% of successful breaches … continue reading

Google: More of the web is protected with HTTPS

It has been over a year since Google announced its commitment to provide a more secure web with HTTPS, and today the company is announcing it is making great strides. Google is releasing its public Transparency Report to detail the progress it’s made with HTTPS usage. According to the report, 64% of Chrome traffic on … continue reading

Report: The top 8 emerging technology domains, and their threats

With great technology comes great risks. As new technology continues to emerge in this digital day and age, Carnegie Mellon University’s Software Engineering Institute (SEI) is taking a deeper look at the impact it will have. The institute has released its 2017 Emerging Technology Domains Risk report detailing future threats and vulnerabilities. “To support the … continue reading

SD Times news digest: Equifax cybersecurity incident, Filecoin ICO, and Vagrant 2.0

Equifax announced a cybersecurity incident potentially impacting approximately 143 million U.S. consumers. According to the company, “criminals exploited a U.S. website application vulnerability to gain access to certain files.” As of now, the company has no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases. “This is clearly a disappointing event for our company, and one … continue reading

SecurityScorecard: Government ranks #16 out of 18 industries in cybersecurity

SecurityScorecard’s annual U.S. State and Federal Government Cybersecurity Report was released today, and it paints a very grim picture of the government’s cyber health status. Across all of the industries surveyed, including transportation, retail, and healthcare, government organizations received one of the lowest security scores. Cybersecurity incidents show no signs of slowing down, and as … continue reading

Black Hat USA 2017: Machine learning is not a silver bullet for security

Machine learning brings new opportunities in the software security realm by offering new ways to handle data, detect malware and improve solutions. However, the problem with machine learning today is that it can be marketed as a silver bullet to catch all things in the security industry, when in reality the technology still has many … continue reading

Apollo Server 1.0, GitHub’s Internet Bug Bounty donation, and the Google Cloud Platform — SD Times news digest: July 21, 2017

A new GraphQL server is now available for all Node.js frameworks. Apollo Server is an open-source GraphQL server that is community-maintained and works across Express, Connect, Hapi, Koa, AWS Lambda, Restify and Micro. The Apollo team announced version 1.0 of the server this week. It is built for the community, for simplicity and for performance. … continue reading

WhiteHat Security: Improving application security with DevSecOps

Does the DevSecOps approach make a difference when it comes to improving application security? According to this year’s 12th annual WhiteHat Security “Application Security Statistics Report,” it certainly does. This year’s WhiteHat report includes a case study that details a large health organization’s successful implementation of a DevSecOps approach. According to the study, critical vulnerabilities … continue reading

LogiGear’s in-depth look at DevOps and CD, appOrbit emerges, and Comodo’s EDR solution — SD Times news digest: June 26, 2017

LogiGear announced new continuous delivery findings as part of its software industry survey series designed to assess the state of software testing. This is the second survey in the four-part series. The survey, on DevOps, found that most known pain points of transitioning to DevOps involve getting groups that don’t naturally work well together to have the … continue reading

S3 data exposure highlights security risks in the cloud

The cloud provides huge benefits when it comes to agility and scale, but it can also cause major headaches and problems for businesses. The latter was evident last week when Deep Root Analytics, a data management platform provider, suffered a data leak. The leak resulted in data exposure of more than 198 million American … continue reading
