Dr. Soumyo Maity
Security Operations Center (SOC)

A Security Operations Center (SOC) is a team of security professionals who are responsible for monitoring, detecting, and responding to security incidents. SOCs are typically staffed 24/7 to ensure that they can respond to incidents quickly and effectively. SOCs use a variety of tools and technologies to monitor for security incidents. These tools can include: Security information and event management (SIEM) systems: SIEM systems collect and analyze security logs from across an organization’s network.

August 17, 2021
Operating System Security

Operating systems (OS) are the foundation of all computing devices. They provide the basic services that allow us to run applications, access files, and connect to networks. As such, OS security is critical to the overall security of our devices and data. There are a number of threats to OS security, including: Malware: Malware, such as viruses, worms, and Trojan horses, can be used to steal data, damage systems, or disrupt operations.

August 15, 2021
Software Development Life Cycle (SDLC) Security

What is SDLC security? SDLC security is the process of integrating security into the software development life cycle (SDLC). It is a critical component of any organization’s security program, as it can help to reduce the risk of security vulnerabilities being introduced into software. Why is SDLC security important? SDLC security is important because it helps to ensure that security is considered throughout the software development process. This can help to reduce the risk of security vulnerabilities being introduced into software, which can lead to data breaches, system outages, and other security incidents.

August 13, 2021
API Security: Protecting Your Data

Application programming interfaces (APIs) are everywhere. They’re used to power everything from mobile apps to cloud-based services. And as APIs become more and more ubiquitous, so too does the risk of API security breaches. In fact, a recent study by the Ponemon Institute found that the average cost of a data breach involving APIs is now over $4 million. That’s a significant increase from just a few years ago, and it’s a trend that’s only going to continue in the future.

August 13, 2021
Cloud Application Security

Cloud applications are becoming increasingly popular, as they offer a number of benefits, such as scalability, flexibility, and cost-effectiveness. However, cloud applications also introduce new security challenges. There are a number of different threats to cloud application security, including: Data breaches: Data breaches are a major concern for cloud applications. This is because cloud applications often store sensitive data, such as financial information and personal information. Malware attacks: Malware attacks are another major concern for cloud applications.

June 13, 2021
Application Security Career

Application security is a rapidly growing field with a high demand for skilled professionals. If you are interested in a career in application security, there are a number of things you can do to prepare. First, it is important to have a strong understanding of the fundamentals of computer security. This includes topics such as cryptography, network security, and operating system security. You can gain this knowledge by taking courses, reading books, and attending security conferences.

June 8, 2021
Enterprise Application Security

Enterprise applications are a critical part of modern businesses. They process sensitive data, control critical systems, and enable employees to collaborate and share information. As a result, enterprise applications are a major target for attackers. Enterprise application security is the practice of protecting enterprise applications from unauthorized access, modification, or destruction. It is a critical aspect of information security that is essential for protecting the confidentiality, integrity, and availability of enterprise applications.

May 20, 2021
Application Security Testing: Protecting Your Apps

Application security testing (AST) is the process of identifying and mitigating security vulnerabilities in software applications. AST can be performed at any stage of the software development lifecycle (SDLC), from design and development to testing and deployment. There are a number of different AST techniques, including: Static application security testing (SAST): SAST tools analyze the source code of an application to identify potential security vulnerabilities. Dynamic application security testing (DAST): DAST tools interact with an application in its running state to identify potential security vulnerabilities.

May 4, 2021
Security Policy Development

What is a security policy? A security policy is a document that defines the security requirements for an organization. It outlines the organization’s security goals, objectives, and controls. Security policies are designed to protect the organization’s assets, such as data, systems, and employees. Why is security policy development important? Security policy development is important because it helps to ensure that an organization is protected from security threats. Security policies provide a framework for implementing security controls and for managing security risks.

March 9, 2021
Application security for IT professionals

Application security is a critical part of any organization’s overall security posture. As an IT professional, it is important to understand the risks of application security and to take steps to mitigate those risks. Here are some of the key risks of application security: Data breaches: Application security vulnerabilities can be exploited by attackers to steal sensitive data, such as customer PII, financial information, or intellectual property. Disruption: Application security vulnerabilities can be exploited by attackers to disrupt business operations, such as by taking down websites or disabling critical applications.

March 2, 2021
Web Application Security Testing (WAST)

Web application security testing (WAST) is the process of identifying and assessing security vulnerabilities in web applications. It is an important part of any organization’s information security program. WAST can be conducted manually or using automated tools. Manual WAST is typically more thorough, but it can be time-consuming and expensive. Automated WAST is less thorough, but it can be conducted quickly and easily. The results of a WAST can be used to prioritize security efforts, to develop mitigation strategies, and to improve the overall security posture of an organization.

February 14, 2021
Static Application Security Testing (SAST): A Deep Dive

Static application security testing (SAST) is a type of software testing that analyzes source code for potential security vulnerabilities. SAST tools can be used to scan for a wide range of vulnerabilities, including injection attacks, buffer overflows, and SQL injection. SAST is a valuable tool for organizations of all sizes. By identifying and fixing security vulnerabilities early in the development process, SAST can help to prevent attackers from exploiting these vulnerabilities to gain unauthorized access to systems and data.

January 17, 2021
© Soumya Maity, 2023