Signal Sciences today announced the availability of its Signal Sciences Web Protection Platform (WPP). WPP is new platform designed to provide threat protection for web applications, APIs, and microservices on any platform. This platform launch comes on the heels of Signal Sciences’ announcement of a $15 million series B funding round led by CRV. Signal … continue reading
The Open Web Application Security Project (OWASP) released its Top 10 2017 project for public comment. This is the 14th year OWASP is raising awareness of security risks with its list, and it contains two major vulnerability updates, example attack scenarios, and a list of free and open resources for security-conscious developers. When Jeff Williams, OWASP … continue reading
The software security world is prone to ebbing and flowing. Twenty years ago, firewalls were the new hot solution. Fifteen years later, there were these hot new things called application firewalls. What was old was new again. So it was at the annual RSA Conference this year. Last year was something of a flush out, … continue reading
In its 2015 report, the Open Web Application Security Project (OWASP) identified SQL injection and cross-site scripting among its Top 10 software vulnerabilities. Again. If it feels as if you’ve been reading this same story for the last decade, it’s because you have. So why is it that we can build intelligent robots, fling unmanned … continue reading
One of the things we see a lot of here at SD Times is surveys. It’s a great idea for your company to survey its customers, and the resulting information can be really useful—not just to your company, but to those of us who track the industry and its trends. Thus, I was fairly disturbed … continue reading
Google announces Android Lollipop We finally know what the “L” stands for. Google announced its next mobile operating system, Android 5.0, will be codenamed Lollipop, and ship on the Nexus 6 and Nexus 9 in November. Google first announced Android “L” back in June at Google I/O, releasing a developer preview with more than 5,000 … continue reading
The one recurring theme throughout 2013: Test early, test often, or else … continue reading
This process identifies and prioritizes risks before dealing with them, which should ease things for developers … continue reading
The list is too broad and incomplete to serve as a gold standard for security practices … continue reading
This year’s list throws some attention to this oft-overlooked issue … continue reading