New Year, New AppSec Resolutions
2020 is upon us, and with a new calendar year comes new goals and New Year’s resolutions.
2020 is upon us, and with a new calendar year comes new goals and New Year’s resolutions.
For decades, nation-state attacks have caused serious havoc across the world, primarily targeting critical infrastructure such as power grids and industrial control systems, as well as government agencies, often disrupting operations and leaking sensitive information.
As we head into 2020, application security remains an essential consideration for every organization operating in this digital era.
The trend to outsource a development project or the development function has been growing in recent years, and for some very good reasons.
As 2019 draws to a close and we reflect on our accomplishments and determine how we can improve in the year ahead, it’s become a year-end tradition for us (and extremely valuable) to look back and share the major application security lessons we’ve learned individually as a team.
Out of the 350 popular Android apps reviewed, 70% leak sensitive personal data (2019 WhiteHat Security Stats Report). These online retail, brick-and-mortar retail, finance, insurance and travel apps have privacy risks that expose personally identifiable information (PII).
With the holiday season now in full swing, retail companies have been readying their stores and websites for the influx of holiday shoppers over the next few weeks.
A recent study by Zimperium of the world’s leading travel applications to understand how they manage users’ security and privacy risks reveals that 100% of the iOS apps failed to receive a passing privacy or security grade. 45% of Android apps failed to pass the privacy tests, and 97% failed on security.
While nearly 75 percent of developers worry about the security of their applications, and 85 percent rank security as very important in the coding and development process, nearly half of their teams lack a dedicated security expert.
Whether you’re planning to celebrate Thanksgiving with family, a Friendsgiving with your closest mates or perhaps even a Worksgiving with coworkers this year, the spirit of gratitude has lasting benefits no matter who you’re with or where you are.
It’s that time of year again: the holidays are among us. Soon, millions of us will be on the road and in the air, on our way to visit friends and relatives to celebrate the season (or perhaps to get away from it all).
If you work in the public sector, you’ll notice a familiar pause to your work routine this week, as many offices and schools nationwide are closed briefly in observance of Veteran’s Day.
Each November, National Stress Awareness Day is recognized on the first Wednesday of the month and aims to identify and reduce the stress factors in your life.
This decade has seen an unprecedented number of connected systems and devices, automated delivery systems and increased mobile device usage in the healthcare industry.
October is known for being the “spookiest” of all the months. While there’s always debate on if ghosts, ghouls and witches are real, no one can argue the existence of scary vulnerabilities lurking in the dim corners of the web and on applications.
Artificial intelligence (AI) is a bit of a buzzword, and it has been thrown around quite a bit in the past few years. But many companies are making real game-changing use of it.
The modern-day developer faces an inordinate amount of challenges daily. Between constantly fighting to create the most innovative apps to help their product stand out to working to meet tight deadlines, developers juggle many responsibilities.
October marks the 16th annual National Cyber Security Awareness Month (NCSAM).
A collaborative effort between government and industry, National Cybersecurity Awareness Month (NCSAM) is observed every October in an effort to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to stay safer and more secure online.
Previously, we discussed in part 1 of this blog series, application security issues are becoming the first and foremost cause of security breaches, leading to some real challenges among organizations attempting to achieve DevSecOps.
Whether it was the millions of users left vulnerable by Fortnite, or hackers gaining access to Dunkin’ customer accounts, 2019 has already seen some of the worst data breaches to date.
Recently, there has been a constant upward trajectory in spending on IT security, and there are no signs of that trend abating.
If businesses hadn’t already woken up to the financial clout that’s now in the hands of the world’s data protection regulators, the recent compliance fines in the US and UK have made everyone sit up and take notice.
“The customer is always right,” is the go-to customer service phrase originally coined by Harry Gordon Selfridge in London in the early 20th century.
When British Airways was informed it was facing a fine of £183 million by the UK’s Information Security Commissioner (ICO) in July, at the heart of the problem was the company’s failure to protect customer information including their credit card details.
Server-side request forgery (SSRF) has been in the news recently for causing mainstream data breaches impacting hundreds of millions of consumers.
More and more, businesses today are staking their success on web and mobile applications.
Thousands of people every year gather in the desert to be able to attend one of the most captivating events in the world.
In the current data compliance and data security climate, empowered regulators are really flexing their muscles.
Despite women gaining the equal right to vote in 1878 and the U.S. Congress designating Aug. 26 as Women’s Equality Day in 1971, the tech industry still has a long way to go.