Software Security Guide

Securing an application is just as important as building it in the first place. As data becomes more valuable, there are more people who want to steal it and use it for their own personal gain.

Making sure applications are indeed secure has always been a challenge, as hackers try to stay one step ahead of defenders. When organizations ran their applications in their own data centers, firewalls were an effective way of denying hackers access. The explosion of the Internet led to the creation of web applications, with entry points via the browser into client-side code that could endanger the organization.

Further, the increased speed of feature delivery in software stresses security teams trying to prevent hacks and data breaches. Today, with application modularity and edge computing increasing, along with the increased use of open-source software, that challenge has only become more difficult. Hackers now have more surface area to target than ever before. Here are the top threats organizations face as they work to secure their applications, data and systems.

IT and developers must work to ensure that their applications and systems are secure. On the development side, security touches nearly every step of the process, from the planning stage, development, to testing. The use of automation in security can help organizations stay one step ahead.


OpenSSF shares progress for its Alpha-Omega project in 2023

The Open Source Security Foundation (OpenSSF) released the annual report for its Alpha-Omega project, an initiative that focuses on identifying and remedying vulnerabilities within source code to create a safer digital environment.  According to OpenSSF, the Alpha-Omega project has become a pivotal player in enhancing the security infrastructure of open-source software, reflecting a proactive approach … continue reading

Apple makes changes to iOS, Safari, and App Store in response to EU’s Digital Markets Act

Apple has announced significant updates to iOS, Safari, and the App Store, specifically for the European Union, in response to the Digital Markets Act (DMA).  These updates encompass over 600 new APIs, enhanced app analytics, support for alternative browser engines, and more options for app payment processing and iOS app distribution. These changes aim to … continue reading

O’Reilly finds 3,600% increase in interest in generative AI in last year

It’s no surprise that people have grown more interested in AI over the last year. The technology insights company O’Reilly has just published its annual trends report, in which it revealed just how much more interest people have these days. According to the findings, interest in GPT and generative AI has grown 3,600% year over … continue reading

Quest Software unveils new standalone Toad Data Studio solution to simplify database management and analysis

Quest Software, a provider of systems management, data protection, and security software, has announced the general availability of Toad Data Studio. This all-in-one platform is designed to streamline database management across multi-database platform environments. The release comes at a time when the complexity of database infrastructure is increasing and enterprises are struggling with agility and … continue reading

Report: APIs are the biggest form of internet traffic and biggest attack vector

In a recent surge within the digital sphere, APIs have eclipsed other forms of internet traffic, becoming a pivotal component of our online world. The 2023 API Security and Management Report indicates that APIs now account for more than half (57%) of the dynamic internet traffic processed by Cloudflare in the past year.  Yet, this … continue reading

A guide to security testing tools

The following is a listing of security testing tool providers, along with a brief description of their offerings. FEATURED PROVIDER HCL AppScan helps organizations pinpoint and remediate vulnerabilities throughout the software development lifecycle (SDLC) with a suite of application security testing platforms available as a cloud-based service (SaaS), self-managed, or cloud-native. Powerful static, dynamic, interactive, … continue reading

premium The importance of security testing

With more development teams today using open-source and third-party components to build out their applications, the biggest area of concern for security teams has become the API. This is where vulnerabilities are likely to arise, as keeping on top of updating those interfaces has lagged. In a recent survey, the research firm Forrester asked security … continue reading

6 common patch management mistakes to avoid

Patch management is like painting or gardening: At first glance, it may seem like routine and straightforward work. But in practice, it can prove much more challenging than it looks. Just as lack of prep work can spell disaster for a paint job, or forgetting to water and weed regularly can turn your garden into … continue reading

Year in Review: Security

As we bid farewell to another year, it is crucial to reflect on the threats of cyberattacks and ransomware and think of how to mitigate them moving forward. However, this year feels a bit different – marked by the unknown of what challenges AI will bring to the security landscape in the new year.  This … continue reading

AWS launches SaaS Quick Launch for easier deployment of SaaS apps

AWS is making it easier for companies to deploy applications from the AWS Marketplace in their environment with the release of SaaS Quick Launch.  According to AWS, this new capability will solve a previous challenge of deploying applications, which could require hours to set up permissions policies and cloud infrastructure.  Manually configuring these also introduced … continue reading

CISA outlines five efforts for safely adopting AI in newly published roadmap

The Cybersecurity and Infrastructure Security Agency (CISA) has just published a roadmap for safely and responsibly utilizing AI.  This follows President Biden’s Executive Order on AI last month. “In last month’s Executive Order, the President called on DHS to promote the adoption of AI safety standards globally and help ensure the safe, secure, and responsible … continue reading

Why decentralized architectures will power next-gen virtual worlds and gaming environments

People buy digital assets in games every day. In fact, 89.5 percent of all commerce associated with gaming in 2022 was digital, per The Digital Entertainment and Retail Association. True ownership of those digital assets, however, remains a huge, intrinsic problem for the gaming industry.  In practice, the sales of these assets are more akin … continue reading

1 2 3 71 Protection Status