Dr. Soumyo Maity
Vulnerability Assessment

Vulnerability assessment is the process of identifying and assessing vulnerabilities in an organization’s information systems and assets. It is an important part of any organization’s information security program. Vulnerability assessments can be conducted manually or using automated tools. Manual vulnerability assessments are typically more thorough, but they can be time-consuming and expensive. Automated vulnerability assessments are less thorough, but they can be conducted quickly and easily. The results of a vulnerability assessment can be used to prioritize security efforts, to develop mitigation strategies, and to improve the overall security posture of an organization.

October 1, 2022
Application security for software architects

As a software architect, you play a critical role in the security of your organization’s applications. You are responsible for designing and implementing applications that are secure by design. Here are some key things to keep in mind when it comes to application security: Applications are a target: Applications are a valuable target for attackers. They can be used to steal data, disrupt operations, or even launch attacks on other systems.

September 24, 2022
Application Security Architecture

Application security architecture is the design of an application with security in mind. It is a critical part of any organization’s security posture, as it can help to protect applications from attack. There are a number of different approaches to application security architecture. One common approach is to use a defense-in-depth model. This model involves layering security controls throughout the application, from the development process to the deployment environment. Another common approach is to use security frameworks.

September 18, 2022
Vulnerability Management

Vulnerability management is the process of identifying, assessing, and mitigating vulnerabilities in an organization’s information systems and assets. It is an ongoing process that is essential for protecting an organization from attack. Vulnerability management typically involves the following steps: Identifying vulnerabilities: The first step is to identify vulnerabilities in an organization’s information systems and assets. This can be done through vulnerability scanning, penetration testing, and threat intelligence gathering. Assessing vulnerabilities: Once vulnerabilities have been identified, they need to be assessed to determine their severity and impact.

September 7, 2022
Database Security: Keeping Your Data Safe

Databases are essential for storing and managing data. They are used by businesses of all sizes to store customer information, financial data, and other sensitive information. However, databases are also a target for attackers. Here are some of the key security challenges associated with databases: Data breaches: Databases can be breached, which can lead to the loss of sensitive data. Data corruption: Databases can be corrupted, which can lead to the loss of data or the inability to access data.

August 30, 2022
Application Security Culture

Application security culture is the set of beliefs and attitudes that an organization has about the importance of security. A strong application security culture is essential for protecting applications from attack and data breaches. There are a number of things that organizations can do to create a strong application security culture. Some of the most important things include: Leadership commitment: Senior leaders must be committed to security and must communicate the importance of security to all employees.

July 29, 2022
Identity and Access Management (IAM): The Key to Securing Your Organization

Identity and access management (IAM) is a critical component of any organization’s security posture. IAM encompasses the processes and technologies used to manage identities and access to resources. By implementing effective IAM, organizations can reduce the risk of unauthorized access to sensitive data and systems. IAM typically includes the following components: Identity governance: This involves managing the lifecycle of identities, including creating, updating, and disabling accounts. Access control: This involves defining who has access to what resources and what actions they can take.

July 22, 2022
Password Management: It's Not Just About Remembering Your Passwords

In today’s digital world, we are constantly bombarded with passwords. We need passwords for our email, our bank accounts, our social media accounts, and more. It can be hard to keep track of all of our passwords, and it can be even harder to create strong passwords that are difficult to guess. That’s where password management comes in. Password management is the process of storing and managing your passwords in a secure way.

July 21, 2022
Input Validation: The Key to Secure Applications

Input validation is the process of checking user input to ensure that it is valid and does not contain any malicious code. It is an essential security measure that can help to prevent a variety of attacks, such as cross-site scripting (XSS) and SQL injection. There are a number of different ways to perform input validation. Some of the most common methods include: Data type validation: This involves checking that the input data is of the correct type.

July 15, 2022
Open Web Application Security Project (OWASP)

The Open Web Application Security Project (OWASP) is a non-profit organization that provides information about web application security. OWASP is a community-driven organization that relies on the contributions of volunteers from all over the world. OWASP has a number of resources available to help developers, security professionals, and organizations improve the security of their web applications. These resources include: OWASP Top 10: The OWASP Top 10 is a list of the most critical web application security risks.

July 13, 2022
Application Security Education

Application security is a critical aspect of any organization’s overall security posture. By educating employees about security risks, organizations can help to prevent them from making mistakes that could lead to data breaches or other security incidents. There are a number of different ways to educate employees about application security. One common approach is to provide training on security best practices. This training can cover topics such as input validation, output encoding, and error handling.

July 8, 2022
Application security for beginners

Application security is the practice of protecting software applications from attack. It is an important part of overall information security, as applications are often the targets of malicious actors. There are a number of different types of application security threats, including: Injection attacks: Injection attacks are a type of attack where an attacker injects malicious code into an application. This malicious code can then be executed by the application, which can lead to data loss, system disruption, or other problems.

July 2, 2022

© Soumya Maity, 2023