In application security, so often the cause of vulnerabilities can be traced to the development process. It’s the nature of application development and a consequence of moving faster with shorter deadlines.

In 2018, nearly a quarter of the American workforce was already working remotely. While we’ve had available technology to support remote workers for some time, the COVID-19 outbreak has influenced an unprecedented shift to remote working en masse.

There’s enough evidence to indicate that both nation-state and other cyber threat actors continue to target our election infrastructure. Securing voting systems from cyber intrusions is a huge challenge for the election officials during the 2020 U.S. elections.

The WhiteHat Security team recently returned from the RSA Conference in San Francisco.

International Women’s Day originated as a way to end discrimination against women around the world.

For most Americans, Tax Day (April 15) is a dreaded, recurring deadline (or headache) on the calendar that many will put off and scramble to meet in time.

The WhiteHat Security team has just returned from another successful RSA Conference in San Francisco.

In recent weeks, news broke that Docker registry misconfigurations could have exposed countless organizations to data theft and supply-chain attacks, following a discovery by Palo Alto Networks’ Unit 42 researchers.

On Jan. 8, we learned that a series of vulnerabilities in the popular social media app TikTok left the personal information of its users susceptible to exposure, potentially allowing cybercriminals to manipulate content on user accounts.

With the tensions in Iran escalating over the past few weeks, nation-state cyberattacks have been on the forefront of government agencies’ minds.

Applications are quickly becoming a top target for digital adversaries, as more businesses rely on them to drive their revenue and success.

Mobile app security can be very challenging. It’s an attack surface that is often an easy entry point for hackers to gain access to sensitive information.

For many people, January is primetime to finally install or deploy new technology like home care gadgets they were gifted during the holiday season.

2020 is upon us, and with a new calendar year comes new goals and New Year’s resolutions.

For decades, nation-state attacks have caused serious havoc across the world, primarily targeting critical infrastructure such as power grids and industrial control systems, as well as government agencies, often disrupting operations and leaking sensitive information.

The trend to outsource a development project or the development function has been growing in recent years, and for some very good reasons.

As 2019 draws to a close and we reflect on our accomplishments and determine how we can improve in the year ahead, it’s become a year-end tradition for us (and extremely valuable) to look back and share the major application security lessons we’ve learned individually as a team.

Out of the 350 popular Android apps reviewed, 70% leak sensitive personal data (2019 WhiteHat Security Stats Report). These online retail, brick-and-mortar retail, finance, insurance and travel apps have privacy risks that expose personally identifiable information (PII).

With the holiday season now in full swing, retail companies have been readying their stores and websites for the influx of holiday shoppers over the next few weeks.

A recent study by Zimperium of the world’s leading travel applications to understand how they manage users’ security and privacy risks reveals that 100% of the iOS apps failed to receive a passing privacy or security grade. 45% of Android apps failed to pass the privacy tests, and 97% failed on security.

While nearly 75 percent of developers worry about the security of their applications, and 85 percent rank security as very important in the coding and development process, nearly half of their teams lack a dedicated security expert.

Whether you’re planning to celebrate Thanksgiving with family, a Friendsgiving with your closest mates or perhaps even a Worksgiving with coworkers this year, the spirit of gratitude has lasting benefits no matter who you’re with or where you are.

If you work in the public sector, you’ll notice a familiar pause to your work routine this week, as many offices and schools nationwide are closed briefly in observance of Veteran’s Day.

October is known for being the “spookiest” of all the months. While there’s always debate on if ghosts, ghouls and witches are real, no one can argue the existence of scary vulnerabilities lurking in the dim corners of the web and on applications.

Artificial intelligence (AI) is a bit of a buzzword, and it has been thrown around quite a bit in the past few years. But many companies are making real game-changing use of it.

The modern-day developer faces an inordinate amount of challenges daily. Between constantly fighting to create the most innovative apps to help their product stand out to working to meet tight deadlines, developers juggle many responsibilities.

October marks the 16th annual National Cyber Security Awareness Month (NCSAM).

Previously, we discussed in part 1 of this blog series, application security issues are becoming the first and foremost cause of security breaches, leading to some real challenges among organizations attempting to achieve DevSecOps.

Whether it was the millions of users left vulnerable by Fortnite, or hackers gaining access to Dunkin’ customer accounts, 2019 has already seen some of the worst data breaches to date.

Recently, there has been a constant upward trajectory in spending on IT security, and there are no signs of that trend abating.