Dr. Soumyo Maity

Security Awareness Training

Security awareness training is a critical component of any organization’s security program. It is designed to educate employees about security risks and how to protect themselves and the organization from attack. There are a number of different security awareness training programs available. Some of the most common programs include:

  • Online training: Online training is a convenient and cost-effective way to deliver security awareness training. It can be accessed by employees from any location and at any time.

September 3, 2019

Application Security Awareness

Application security awareness is the process of educating and informing employees about the security risks associated with applications. It is a critical part of any organization’s security program, as it can help to prevent employees from making mistakes that could lead to data breaches or other security incidents. There are a number of different ways to raise application security awareness among employees. One common approach is to provide training on security best practices.

August 9, 2019

Secure Coding Practices

Introduction

Secure coding is the practice of writing code that is resistant to attack. It is a critical part of any security program, as it can help to prevent attackers from exploiting vulnerabilities in your code. There are many different secure coding practices that you can implement. Some of the most important ones include:

  • Input validation: This is the process of checking user input for malicious content. It is important to validate all user input, including input from forms, cookies, and headers.

August 6, 2019

Application Security Best Practices

Application security is a critical aspect of any organization’s overall security posture. By following best practices, organizations can help to protect their applications from attack and data breaches. Here are some application security best practices:

  • Use a secure development lifecycle (SDLC). The SDLC is the process of developing, testing, and deploying applications. A secure SDLC includes security activities throughout the entire process, from requirements gathering to maintenance.
  • Implement secure coding practices.

July 11, 2019

Zero Trust Security

In the past, security was built around the concept of a perimeter. The idea was to create a secure boundary around your network and then keep everything inside that boundary safe. However, this model is no longer effective in today’s world. The internet has made it possible for anyone to connect to your network, regardless of their location. This means that your perimeter is no longer secure. In addition, the increasing use of cloud computing and mobile devices has made it even more difficult to keep track of who is accessing your network and what they are doing.

March 27, 2019

Threat Modeling

What is Threat Modeling?

Threat modeling is a process of identifying and analyzing potential threats to an asset or system. It is a systematic approach to security that helps organizations to understand their risks and take steps to mitigate them.

Why is Threat Modeling Important?

Threat modeling is important because it helps organizations to identify and address potential threats before they can be exploited. By understanding their risks, organizations can make informed decisions about how to allocate security resources and protect their assets.

March 19, 2019

Browser Security

Browser security is the practice of securing web browsers from attack. It is an important part of overall information security, as web browsers are often used to access sensitive information, such as financial data and personal information. There are a number of different threats to browser security, including:

  • Malicious websites: Malicious websites can contain malware, such as viruses and worms, that can infect browsers and steal data.
  • Phishing attacks: Phishing attacks are emails or websites that are designed to trick users into entering their personal information, such as passwords and credit card numbers.

March 8, 2019

Side-Channel Attacks: Sneaking a peek at secrets

Side-channel attacks are a type of attack that exploits information that is leaked by a cryptographic system during its normal operation. This information can be leaked in a variety of ways, such as through power consumption, timing, or electromagnetic emissions. Side-channel attacks can be used to steal secrets, such as passwords, encryption keys, or other sensitive data. They can also be used to bypass security controls, such as firewalls and intrusion detection systems.

February 16, 2019

Encryption: The Art of Keeping Secrets

Encryption is the process of converting data into a form that cannot be read without a special key. This makes it a valuable tool for protecting sensitive information, such as passwords, credit card numbers, and medical records. There are two main types of encryption: symmetric encryption and asymmetric encryption. Symmetric encryption uses the same key to encrypt and decrypt data. This makes it relatively fast and efficient, but it also means that anyone who knows the key can decrypt the data.

January 22, 2019

Threat Intelligence

Threat intelligence is information about threats to an organization’s information assets. It can be used to help organizations understand the threats they face, to develop mitigation strategies, and to respond to incidents. There are a variety of different sources of threat intelligence, including:

  • Publicly available information: Publicly available information can be found on websites, in news articles, and in social media.
  • Commercial threat intelligence providers: Commercial threat intelligence providers collect and analyze threat intelligence from a variety of sources and sell it to organizations.

January 18, 2019

Application security for developers

Application security is a critical part of any organization’s overall security posture. Developers play a key role in ensuring that applications are secure, and there are a number of things that they can do to help protect applications from attack. Here are some tips for application security for developers:

  • Use secure coding practices: Secure coding practices are a set of guidelines that can be used to write secure code. These guidelines can help to prevent vulnerabilities from being introduced into applications.

January 17, 2019

Wireless Security

Wireless networks are becoming increasingly popular, as they offer the convenience of being able to connect to the internet from anywhere in a home or office. However, wireless networks are also more vulnerable to attack than wired networks. Here are some tips for securing your wireless network:

  • Choose a strong password: Your wireless network password should be at least 12 characters long and include a mix of upper and lowercase letters, numbers, and symbols.

January 16, 2019

© Soumya Maity, 2023