 Code

Code surety: Secure by design

Deb Radcliff March 01, 2012

More-than-decade-old bugs still plague web applications, and the challenge is only growing for programs migrating to the cloud. But new frameworks and heightened awareness can mitigate the threat.
 

Who missed Facebook's bounty party?

Sean Martin, founder, imsmartin consulting August 12, 2011

Facebook should use its recently announced vulnerability bounty program to push for more security in third-party applications that run on the site.
 

Why do SQL injection attacks continue to succeed?

Josh Shaul, chief technology officer, Application Security May 24, 2011

SQL injection vulnerabilities first appeared in the 1990s, yet massive breaches in recent years prove the problem remains a thorn in the side of security experts.
 

Software assurance has reached a crisis point

November 15, 2010

Much of the software that the U.S. government is running can be successfully exploited, said Dan Shoemaker, professor at the University of Detroit Mercy, at SC World Congress last week.
 

Designing secure software and services now will save money later

Ryan Berg, senior security architect, IBM October 27, 2010

The cost of fixing a vulnerability after a product already has gone to market is much higher than the cost of finding it during the design process.
 

Automated web attacks: Interview with Amichai Shulman, co-founder and CTO of Imperva

September 16, 2010

In a conversation with SC Magazine Deputy Editor Dan Kaplan, Amichai Shulman, co-founder and CTO of Imperva, introduces a new research initiative underway and addresses the automated methods now used by attackers to compromise legitimate websites.
 

No reason to keep application security in the backseat

Chris Wysopal, CTO, Veracode September 13, 2010

A computer expert draws on three case studies to dispel myths surrounding the protection and prevention of vulnerable code.
 

HP to buy software security firm Fortify Software

August 17, 2010

IT giant Hewlett-Packard (HP) announced on Tuesday that it has agreed to acquire San Mateo, Calif.-based Fortify Software, maker of software security assurance solutions.
 

Software flaws, delayed patching reign so far this year

July 12, 2010

2010 is on pace to become a record-setting year for software vulnerabilities, and third-party applications that are not properly patched are largely to blame, according to a new Secunia report.
 

Global village

March 01, 2010

Testing competitions can improve code, but crowdsourcing brings new concerns to security governance, reports Deb Radcliff.