2020 is upon us, and with a new calendar year comes new goals and New Year’s resolutions.

For decades, nation-state attacks have caused serious havoc across the world, primarily targeting critical infrastructure such as power grids and industrial control systems, as well as government agencies, often disrupting operations and leaking sensitive information.

The trend to outsource a development project or the development function has been growing in recent years, and for some very good reasons.

As 2019 draws to a close and we reflect on our accomplishments and determine how we can improve in the year ahead, it’s become a year-end tradition for us (and extremely valuable) to look back and share the major application security lessons we’ve learned individually as a team.

Out of the 350 popular Android apps reviewed, 70% leak sensitive personal data (2019 WhiteHat Security Stats Report). These online retail, brick-and-mortar retail, finance, insurance and travel apps have privacy risks that expose personally identifiable information (PII).

With the holiday season now in full swing, retail companies have been readying their stores and websites for the influx of holiday shoppers over the next few weeks.

A recent study by Zimperium of the world’s leading travel applications to understand how they manage users’ security and privacy risks reveals that 100% of the iOS apps failed to receive a passing privacy or security grade. 45% of Android apps failed to pass the privacy tests, and 97% failed on security.

While nearly 75 percent of developers worry about the security of their applications, and 85 percent rank security as very important in the coding and development process, nearly half of their teams lack a dedicated security expert.

Whether you’re planning to celebrate Thanksgiving with family, a Friendsgiving with your closest mates or perhaps even a Worksgiving with coworkers this year, the spirit of gratitude has lasting benefits no matter who you’re with or where you are.

If you work in the public sector, you’ll notice a familiar pause to your work routine this week, as many offices and schools nationwide are closed briefly in observance of Veteran’s Day.

October is known for being the “spookiest” of all the months. While there’s always debate on if ghosts, ghouls and witches are real, no one can argue the existence of scary vulnerabilities lurking in the dim corners of the web and on applications.

Artificial intelligence (AI) is a bit of a buzzword, and it has been thrown around quite a bit in the past few years. But many companies are making real game-changing use of it.

The modern-day developer faces an inordinate amount of challenges daily. Between constantly fighting to create the most innovative apps to help their product stand out to working to meet tight deadlines, developers juggle many responsibilities.

October marks the 16th annual National Cyber Security Awareness Month (NCSAM).

Previously, we discussed in part 1 of this blog series, application security issues are becoming the first and foremost cause of security breaches, leading to some real challenges among organizations attempting to achieve DevSecOps.

Whether it was the millions of users left vulnerable by Fortnite, or hackers gaining access to Dunkin’ customer accounts, 2019 has already seen some of the worst data breaches to date.

Recently, there has been a constant upward trajectory in spending on IT security, and there are no signs of that trend abating.

If businesses hadn’t already woken up to the financial clout that’s now in the hands of the world’s data protection regulators, the recent compliance fines in the US and UK have made everyone sit up and take notice.

“The customer is always right,” is the go-to customer service phrase originally coined by Harry Gordon Selfridge in London in the early 20th century.

As modern application development trends go, distributed microservices architecture has been one of the most popular and successful in recent memory.

This is the 14th year that we are publishing our annual WhiteHat Security Application Security Statistics report. Over the years, this report has become the authoritative take on the state of application security globally.

Data privacy is all about users’ personal data collected, stored or used by an organization, but are organizations doing enough to keep this data protected from unauthorized access?

The WhiteHat Security team is seeing a massive shift towards cloud adoption largely driven by organizations looking to reduce cost, mitigate risk, and to allow them to scale quickly and be agile with their resources.

“The more things change, the more they stay the same.” This simple, succinct proverb created in the 19thcentury by French novelist Jean-Baptiste Alphonse Karr continues to resonate in so many areas of our day-to-day lives.

If the title on your office door says, 'Chief Information Security Officer (CISO),' chances are, your days are consumed with the various risks your organization is facing, and how you’ll deal with them.

Back in March at the RSA Conference in San Francisco, WhiteHat announced that NTT Security Corporation, one of the world’s most respected security organizations, signed a definitive agreement to acquire WhiteHat. Throughout the past few months, we’ve been working closely with NTT Security to finalize all of the details of the acquisition...

Recently, I was out on a shopping trip at a department store, and I saw an employee scrambling to help the customers at the fitting room.

Is your organization compliant with the security standards and regulations implemented by your industry, state, or country that are applicable to your organization? If you answered yes, congratulations. Now, a follow-up question. Is your organization actually secure?

In today’s digital economy, time to market is everything. Organizations are expected to release applications and updates on a near-continuous basis, or risk being left behind by the competition.

In the application security space, customers and prospects tell the same story time and time again: