Securing an application is just as important as building it in the first place. As data becomes more valuable, there are more people who want to steal it and use it for their own personal gain.
Making sure applications are indeed secure has always been a challenge, as hackers try to stay one step ahead of defenders. When organizations ran their applications in their own data centers, firewalls were an effective way of denying hackers access. The explosion of the Internet led to the creation of web applications, with entry points via the browser into client-side code that could endanger the organization.
Further, the increased speed of feature delivery in software stresses security teams trying to prevent hacks and data breaches. Today, with application modularity and edge computing increasing, along with the increased use of open-source software, that challenge has only become more difficult. Hackers now have more surface area to target than ever before. Here are the top threats organizations face as they work to secure their applications, data and systems.
IT and developers must work to ensure that their applications and systems are secure. On the development side, security touches nearly every step of the process, from the planning stage, development, to testing. The use of automation in security can help organizations stay one step ahead.
The warranty on your car is about to expire. Press 1 to purchase an extension. Someone has stolen your bank information. Click here to change your social security number. Your grandchild has been kidnapped. Send money to help us return the child safely. We get phishing emails like these literally all day long, and now … continue reading
I’ve spent most of my professional life convincing businesses to shift things left — shift-left testing for software, shift-left demand and supply forecasts for supply chains, shift-left analytics to understand future implications earlier than your competition. Hopefully that explains why it seems heretical for me to talk about shift-right testing at all. Will shift-right testing … continue reading
.NET 6 Preview 3 now available. The platform matrix of .NET 6 was significantly expanded as of the new preview with the addition of Android, iOS, Mac and Mac Catalyst for x64 and Apple Silicon and Windows Arm64. The CollectionsMarshal.GetValueRef API was added to make updating struct values in Dictionaries faster and is intended for … continue reading
Mobile games are often broken into so users can access premium content, paid features and obtain in-game currency. This is done by tampering with memory, bypassing payments and touchID screens, and downloading paid apps for free — and can be done on both jailbroken or non-jailbroken devices. In a recent webinar on SD Times, Jan … continue reading
BMC, a provider of software solutions for the autonomous digital enterprise, announced new offerings and integrations with its BMC Automated Mainframe Intelligence (AMI) and BMC Compuware portfolios that focus on streamlining mainframe application development, increased uptime and faster threat detection. The BMC Compuware ISPW solution for software change management enables developers to easily edit source … continue reading
Microsoft announced bug bounty awards for Teams desktop client security research under the new Microsoft Applications Bug Bounty Program. The program includes five scenario-based awards for vulnerabilities that have the highest potential impact on customer privacy and security and also general bounty awards for other valid reports for the Teams desktop client that don’t qualify … continue reading
The enterprise architecture and cloud governance company LeanIX made new SaaS management and microservices updates to its portfolio this week. The company announced it has acquired Cleanshelf, a SaaS management provider; and added Microservice Intelligence to its Continuous Transformation Platform. Cleanshelf’s software provides an automated view of all SaaS applications in an enterprise, simplifies management … continue reading
In today’s ever-changing world, businesses need to have a strong application security (AppSec) program in order to succeed and survive. Many businesses are taking a shift-left approach to security, moving security earlier in the application life cycle — but this puts a lot of pressure on the development team that is already pressured to move … continue reading
At CES this year, an impressive number of enterprise providers presented solutions for homes mostly focused on home offices, robotics, and automobiles (emphasizing autonomous electric cars). Companies like Caterpillar, BlackBerry, Hive, IBM, Philips, Google, Amazon, Twitter, Wing Venture Capital, and others are showcasing solutions that are being asked to bridge capabilities between homes and large … continue reading
DeepSee.ai announced it has received $22.6 million in series A funding to accelerate product development and to expand the platform beyond the capital markets and insurance verticals. The DeepSee.ai’s Knowledge Process Automation Platform offers a cloud-agnostic approach to deliver improvements and is also designed to integrate with existing systems and tools. “We founded DeepSee to … continue reading
The second preview of .NET 6 is now available with new APIs, runtime improvements, and early .NET MAUI builds. According to the team, with this announcement they are now back on schedule to monthly previews until .NET 6 is officially released in November. Once released, .NET 6 will be supported for three years as a … continue reading
Veracode has introduced a secure coding competition, The Hacker Games, which aims to challenge university students to hack and patch real-life apps online to win individual prizes, plus $15,000 in charitable donations for the top universities. “Training around secure coding is almost absent at the university level. We’ve launched The Veracode Hacker Games to help … continue reading