So now that I’ve established myself as a lover of FB and social media, may I ask that you all please carefully consider which additional new and (worse) seldom-used applications that you grant permission to “Log On with Facebook?” (Or Google+, or Twitter – I’m not just targeting any one federated login mechanism.)
This week, it was reported that certain versions of the Apache Struts 2 Framework are vulnerable to Remote Code Execution attacks.
But then we got mobile devices, and executives fell in love with tablets. And then smart objects, from buildings to cars and medical devices. The boundaries of the network keep growing, but we security experts keep saying that the user is the weakest link.
With the migration towards digital transformation and the onslaught of cyber attacks, we need a “Security Facts” label so that we as consumers may make more informed decisions about the risk we are inheriting from the use or acquisition of applications.
As we head into the new year, we thought we’d share our 5 most watched webinars of 2016. Like “must see TV”, these are well worth taking the time to watch and learn from!
Kate and I created a webinar together describing her penetration test methodology and results, followed by my description of how Sentinel’s Dynamic scanning and Sentinel Source analysis would identify this vulnerability, as well as best practices in application security coding to avoid it.