Dr. Soumyo Maity
  • Posts
Application security for testers

As a tester, you play a critical role in the security of your organization’s applications. You are responsible for finding and fixing vulnerabilities in applications before they are deployed. Here are some key things to keep in mind when it comes to application security: Applications are a target: Applications are a valuable target for attackers. They can be used to steal data, disrupt operations, or even launch attacks on other systems.

November 29, 2020
Application security for executives

Application security is a critical part of any organization’s overall security posture. As an executive, it is important to understand the risks of application security and to take steps to mitigate those risks. Here are some of the key risks of application security: Data breaches: Application security vulnerabilities can be exploited by attackers to steal sensitive data, such as customer PII, financial information, or intellectual property. Disruption: Application security vulnerabilities can be exploited by attackers to disrupt business operations, such as by taking down websites or disabling critical applications.

November 13, 2020
Fuzz Testing: A Black-Box Testing Technique

Fuzz testing is a black-box testing technique that can be used to find security vulnerabilities in software. Fuzz testing works by feeding random or unexpected input to a software application and then observing the application’s response. If the application crashes or behaves unexpectedly, it may be vulnerable to a security attack. Fuzz testing is a powerful tool for finding security vulnerabilities, but it is important to note that it is not a silver bullet.

November 2, 2020
Code Analysis: Finding and Fixing Security Vulnerabilities

Code analysis is the process of inspecting code to find potential security vulnerabilities. It can be performed manually or using automated tools. Manual code analysis is a time-consuming and labor-intensive process. It requires a deep understanding of the code and the ability to identify potential security issues. Automated code analysis tools can help to speed up the process and identify potential security issues that may be missed by manual analysis.

September 20, 2020
Mobile Application Security Testing

Mobile applications are becoming increasingly popular, as they offer a number of benefits, such as convenience, portability, and flexibility. However, mobile applications also introduce new security challenges. Mobile application security testing is the process of identifying and mitigating security vulnerabilities in mobile applications. It is a critical part of the mobile application development lifecycle, as it can help to prevent security breaches and protect users from malicious attacks. There are a number of different methods that can be used to test mobile application security.

August 2, 2020
Denial-of-service (DoS) attacks: A threat to your website

A denial-of-service (DoS) attack is an attempt to make a website or server unavailable to its intended users. DoS attacks achieve this by flooding the target with so much traffic that it is unable to handle legitimate requests. There are two main types of DoS attacks: Volume-based DoS attacks: These attacks send a large volume of traffic to the target, overwhelming its resources. Protocol-based DoS attacks: These attacks exploit vulnerabilities in the target’s protocols, such as HTTP or TCP.

July 28, 2020
Security Auditing

Security auditing is a systematic review of an organization’s security controls to determine their effectiveness. It is a critical component of any organization’s security program. The purpose of security auditing is to identify security weaknesses and to recommend improvements. Security audits can also be used to comply with regulations, such as the Health Insurance Portability and Accountability Act (HIPAA) and the Sarbanes-Oxley Act (SOX). There are a number of different security auditing methods that can be used.

July 8, 2020
Security Automation

Security automation is the use of technology to automate security tasks. This can help to reduce the risk of human error and to improve the efficiency of security operations. There are a number of different security tasks that can be automated, including: Vulnerability scanning: Vulnerability scanning can be automated to identify vulnerabilities in systems and applications. Patch management: Patch management can be automated to ensure that systems and applications are up to date with the latest security patches.

June 21, 2020
Security Incident Response

Security incident response is the process of identifying, containing, and recovering from a security incident. It is a critical component of any organization’s security program. A security incident is any event that compromises the confidentiality, integrity, or availability of an organization’s information assets. Security incidents can be caused by a variety of factors, including: Human error: Human error is the most common cause of security incidents. This can include things like clicking on a phishing link, opening a malicious attachment, or using weak passwords.

June 8, 2020
Cross-site Scripting (XSS)

Cross-site scripting (XSS) is a type of security vulnerability that allows an attacker to inject malicious code into a web page. This malicious code can then be executed by the victim’s browser when they visit the page. XSS attacks can be used to steal cookies, session tokens, and other sensitive information. They can also be used to deface websites, redirect users to malicious websites, and even take control of the victim’s browser.

June 6, 2020
Phishing: The Art of Deception

Phishing is a type of social engineering attack that uses fraudulent emails to trick users into revealing sensitive information, such as passwords or credit card numbers. Phishing attacks are one of the most common types of cyberattacks, and they can be very effective. In a phishing attack, the attacker will send an email that appears to be from a legitimate source, such as a bank or a credit card company. The email will typically contain a link or attachment that, if clicked on, will install malware on the user’s computer or redirect the user to a malicious website.

May 31, 2020
Application Security Metrics

Application security metrics are a critical part of any application security program. They help organizations to measure the effectiveness of their security efforts and to identify areas where improvement is needed. There are a number of different application security metrics that can be used. Some of the most common metrics include: Number of vulnerabilities found: This metric measures the number of vulnerabilities that are found in applications. Severity of vulnerabilities: This metric measures the severity of the vulnerabilities that are found.

May 4, 2020
© Soumya Maity, 2023