Application Security — Features

Does DevOps hurt or help security?

There is a firmly held concern in security circles that the automation associated with DevOps moves too swiftly, that security teams and their tests can't keep up, that too many of the metrics measured focus on production, availability, and compliance checkboxes, and as a result, security falls to the wayside.

George V. Hulme | 01 May | Read more

NEWS FEATURE: Debate rages over how to manage personal mobile devices used for work

Increasingly, businesses accept the idea that employees should be able to <a href="http://www.networkworld.com/columnists/2011/072711-andreas.html?hpg1=bn">use their personal mobile devices</a>, such as <a href="http://www.networkworld.com/slideshows/2010/061510-smartphone-history.html">smartphones</a> and tablets, for work. But debate is raging as to whether these employee-owned devices should be <a href="http://www.networkworld.com/news/2011/061511-smartphones-tablets-security.html">managed and secured</a> exactly as corporate-owned devices might be.

Ellen Messmer | 28 Jul | Read more

5 open source security projects to watch

Data security is always top of mind for CIOs and CSOs, and there is no shortage of challenges when it comes to picking the right tool for the job. With network and software vulnerabilities growing at a perpetual rate, good security software can help defend against many of the large-scale threats that occur locally and from all over the Internet. In this edition of 5 open source things to watch, we take a look at security products that will guard against threats without robbing your kitty.

Rodney Gedda | 20 Jan | Read more

5 'Great' Open-source Desktop Security Applications

Contributions from free and open software makers can be found throughout the tech world. From your datacenter to the desktop and everywhere in between; there's an open solution to your computing needs. This is no less true in information security. My focus in this article is the several outstanding information security desktop tools that personify the innovation and ingenuity of the FOSS (Free and Open Source Software) world. Please keep in mind that all of these applications (except one) are cross-platform so you can find appropriate versions on whatever you run (BSD, Mac OSX, Linux or Windows). The examples herein, however, will be catered to the largest install base (statistically): Microsoft Windows.

Joseph Guarino | 01 Apr | Read more

Cloud Security: Ten Questions to Ask Before You Jump In

The hype around cloud computing would make you think mass adoption will happen tomorrow. But recent studies by a number of sources have shown that security is the biggest barrier to cloud adoption. The reality is cloud computing is simply another step in technology evolution following the path of mainframe, client server and Web applications, all of which had -- and still have -- their own security issues.

Tim Brown | 28 Jan | Read more

Why traditional security doesn't work for SOA

Many organizations are embracing SOA as a way to increase application flexibility, make integration more manageable, lower development costs, and better align technology systems to business processes. The appeal of SOA is that it divides an organization's IT infrastructure into services, each of which implements a business process consumable by users and services.

Chris Clark | 19 Jan | Read more

Facebook Tips: Staying Safe While Using Games and Apps

If you're one of the 63.7 million people playing the popular Farmville game on Facebook, you've probably noticed a change in how you earn points. FarmVille's parent company, Zynga, agreed last week to remove deceiving mobile subscriptions and "scammy" offers that lure players to register for services in exchange for game currency, which helps players to advance in the game.

Kristin Burnham | 13 Nov | Read more

Careless downloading makes BlackBerry users spy targets

IPhone lovers and other smartphone users should take heed: A security researcher showed ways to spy on a BlackBerry user during a presentation Wednesday, including listening to phone conversations, stealing contact lists, reading text messages, taking and viewing photos and figuring out the handset's location via GPS.

Dan Nystedt | 08 Oct | Read more

Cloud security: time to smoke another one?

Chris Hoff, one of the most respected voices on the topic of virtualization and cloud security, once told me in an interview that people should shut up about securing the cloud because, in his opinion, there's no such thing as cloud security.

Bill Brenner | 01 Sep | Read more

Is your PC bot-infested? here's how to tell

As fireworks boomed on the Fourth of July, thousands of compromised computers attacked U.S. government Web sites. A botnet of more than 200,000 computers, infected with a strain of 2004's MyDoom virus, attempted to deny legitimate access to sites such as those of the Federal Trade Commission and the White House. The assault was a bold reminder that botnets continue to be a massive problem.

Robert Vamosi | 25 Aug | Read more

Survey: Facebook, Twitter banned by most employers

Employers are increasingly putting the brakes on employee use of social networking sites on the job, according to a new survey. The research, released Wednesday by ScanSafe, a provider of SaaS Web security, said its data shows more employers are blocking sites such as Facebook and Twitter. The results run counter to a story published by CSO in March 2009 that cites research which found most employers do allow access to Web 2.0 in the office.

Joan Goodchild | 20 Aug | Read more

SOA security: good enough and getting better

Security is not a reason to stay away from SOA. Although full SOA security maturity is yet to come, 30 percent of organizations now use SOA for external integration with customers and partners. For standard Web services using SOAP, WS-Security has achieved critical mass as a foundational standard. On the other hand, advanced SOA security - involving federation among partners, nonrepudiation, and propagation of user identities across multiple layers of service implementations - is in its early days.

Randy Heffner | 20 Aug | Read more

Editor's Recommendations

Solution Centres

Events

View all events Submit your own security event

Latest Videos

More videos

Blog Posts

Media Release

More media release

Market Place