Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

A group of researchers has built a sandbox framework that can improve the security of Firefox by isolating third-party libraries used by the browser. [Read More]
Microsoft is testing its election-focused security solution ElectionGuard in Wisconsin at Supreme Court elections. [Read More]
MIT researchers claim that vulnerabilities in the Voatz Internet voting app could allow adversaries to alter, stop, or expose a user’s vote, but the vendor has disputed their findings. [Read More]
Microsoft announced that Safe Documents and Application Guard, two security capabilities introduced last fall, are now available to more of its Office 365 ProPlus customers. [Read More]
A bug in the Google Takeout download service has resulted in some users’ videos being inadvertently shared with other people. [Read More]
After observing an increase in the number of fraudulent transactions, Google over the weekend announced that it halted the publishing of paid items to the Chrome Web Store. [Read More]
Facebook, Samsung and Ring have unveiled new or improved privacy and security tools at CES 2020. [Read More]
F5 Networks has agreed to acquire privately held Shape Security for approximately $1 billion in cash. [Read More]
A how-to guide where you can check for the presence of Magecart using the free URLscan.io service. [Read More]
Google announces plans to turn off access to G Suite account data for less secure apps (LSAs), as they represent a potential security risk for users. [Read More]

FEATURES, INSIGHTS // Application Security

rss icon

Gunter Ollmann's picture
The philosophy of integrating security practices within DevOps is obviously sensible, but by attaching a different label perhaps we are likely admitting that this “fusion” is more of an emulsification.
Preston Hogue's picture
The ability to look deeply into user and system behavior and identify the smallest anomaly will become the essential toolkit to stem the tide of fraud and theft in financial services.
Preston Hogue's picture
Retailers should ensure that they are proactively scanning for vulnerabilities in the website, as well as deploying a solution to monitor traffic.
Preston Hogue's picture
Every piece of hardware, every integration, every API, every process, as well as applications themselves, are potential targets.
Preston Hogue's picture
Applications have been deconstructed to the point where we need to think about them with a new level of abstraction to understand how security needs to evolve.
Preston Hogue's picture
The best way for the security industry to meet the challenge of modern applications and modern app development is to adopt a modern way of supporting those from a security perspective.
Preston Hogue's picture
ChatOps offers a bridge to a fully realized vision for DevSecOps, offering a much quicker path to resolution for both security and non-security issues.
Preston Hogue's picture
If done right and integrated throughout the process, security ends up being not a source of friction, but a function that protects the business, at the speed of business.
Ashley Arbuckle's picture
With a holistic approach you can enable efficient segmentation across your infrastructure, identify anomalies faster by using process behavior deviations, and reduce your attack surface quickly.
Preston Hogue's picture
This move to container-based development and agile methodologies has been great for innovation and iteration, but it’s also brought a massive shift in the application landscape with real impact on security teams.