Today’s applications touch millions if not billions of people on a daily basis. With virtually every business using applications to grow, they are critical to companies’ success—yet the vulnerabilities and risks associated with them continue to increase exponentially.
There is no 100 percent secure, completely flawless computer program, yet security practices are often an after thought in programming. But even with the best security practices 'baked into' the software life cycle (SLC), there is still the possibility of a zero-day vulnerability existing in the code.
The news was just released that a massive breach hit Uber in October of 2016. The personal information of 57 million Uber users and 7 million Uber drivers were stolen, including names, email addresses and phone numbers.
As the news unfolds on Equifax and the latest and greatest of the Apache Struts hacks, a co-worker and I were talking about it amongst ourselves. “Why would someone leave a critical vulnerability unpatched for months?”, my co-worker asked in puzzled tones.
WhiteHat Scout is a fully automated static analysis product to develop secure software from the start for successful DevOps implementations.
The WhiteHat Sentinel Application Programming Interface (API) can help you out. Whether you’re looking to bring information into your own ticketing system, a SIEM, a new set of developer tools, or even a home-grown environment, we hope you’ll find pointers to the documentation which will help make it easy.
The CopyCat malware exploits some known vulnerabilities in older versions of Android which allows an attacker to root the victim’s phone. It then can install applications and will hijack ads from your phone, effectively paying the attacker each time an ad pops up.
This Top 10 list is for you — developers and software engineers — designing mobile apps today.
With the recent emphasis on application security, organizations now strive to fix web app security vulnerabilities earlier in the SDLC, before apps are deployed in order to lower the risk of potential data breaches.
This week, it was reported that certain versions of the Apache Struts 2 Framework are vulnerable to Remote Code Execution attacks.