With the industrialization of cybercrime and rise in hacking severity, the value of traditional application security techniques is imploding. The Web Application Firewall (WAF), considered as a go-to security solution until not long ago, is currently experiencing a constant erosion in its effectiveness. On the other hand, Static Application Security Testing (SAST) solutions are gaining momentum.
When you’re constantly reacting to suspicious alerts and fixing vulnerabilities only after they’ve been exploited, you’re missing the point of application security. Application security, according to Wikipedia, “encompasses the measures taken throughout the code’s life-cycle to prevent gaps in the security policy of an application or the underlying vulnerabilities… of the application.” The practice
The massive rise in the number of web and mobile applications in recent years has indirectly led to an inferno of cybercrime that aims to exploit application-layer vulnerabilities. Organizations have a wide range of security products at their disposal today, but they are often unable to decide between automated and manual application security testing. This
The e-commerce and retail fields have undergone mammoth changes over the last decade. Paying in hard cash has almost become a thing of the past. Credit and debit cards are now being used to conduct millions of transactions and e-shopping purchases on a daily basis worldwide. But this new reality has also introduced numerous security perils.
Due to the growing demand for robust applications, the secure Software Development Life Cycle methodology is gaining momentum all over the world. Its effectiveness in combating vulnerabilities has made it mandatory in many organizations. The objective of this article is to introduce the user to the basics of the secure Software Development Life Cycle (also known
The new partnership between Virtual Forge and Checkmarx offers companies a powerful platform for testing and ensuring the application security of business applications, including those that are developed in SAP ABAP. Much of the data breaches still take place through the exploitation of vulnerabilities and security holes in software. Many companies therefore see the need
The Android mobile platform has come a long way since its introduction in 2008. Almost 80% of smartphones activated last year (2013) were powered by the “green robot”. But the customizable interface and other open source advantages come at a price. Android is ridden with vulnerabilities. Android’s biggest convenience is also its biggest security issue.
The Cridex Banking Trojan is wreaking havoc in Europe, especially in Germany. Hackers are implementing the traditional phishing methodology to trick victims into compromising their banking information. The Cridex malware has now officially overtaken the ZeuS Trojan and its clones thanks to the recent activity spike. Six different URL schemes are being used to cover-up
Hacktivism, commercial malware and criminal exploitation have become the norm in today’s cyberspace. This worrying trend has magnified the need for a comprehensive testing solution that can be integrated into the SDLC. Enter Source Code Analysis (SCA).
With hackers compromising virtually every software platform that exists, it’s time for all of us to step up our cyber security awareness. Security issues are crucial especially at work establishments, where sensitive information and data are susceptible to attack.