HackDig : Dig high-quality web security articles for hacker

The Myth of Mutual Exclusivity: Making the DevOps Process More Agile Without Compromising Security

The marketplace is demanding agility, but many enterprises perceive the need for agility as an ongoing security risk. If applications are constantly evolving, they assume, the process will constantly open up new avenues for attackers to exploit. This worry has given rise to a widespread misconception that security or agility is a binary choice. But a growing
Publish At:2017-09-21 19:15 | Read:128 | Comments:0 | Tags:Application Security CISO Agile DevOps SecDevOps Security Pr

Don’t Sweep Web Application Penetration Testing Under the Rug

Web application penetration testing is one of the most critical components of your information security program. The exploitation of a web-related vulnerability could result in a massive breach, so web security must be front and center in any organization. However, I often see people sweep web security under the rug and fail to follow through on their find
Publish At:2017-09-21 00:50 | Read:121 | Comments:0 | Tags:Application Security Risk Management Application Security Te

Three Practical Tips That Empower Developers and Prevent Open Source Security Risks From Entering Your Code

Employees use open source applications in organizations of all sizes and across all industries, and this trend shows no signs of slowing down. It is both cost effective and efficient to incorporate source code into software during the development stage. With all those extra resources, developers can focus more on the organization’s proprietary code. Ac
Publish At:2017-08-21 15:05 | Read:153 | Comments:0 | Tags:Application Security Risk Management Application Development

Pervasive Encryption Simplifies Mainframe Security

On July 17, IBM unveiled its z14 mainframe server, which combines the traditional mainframe hardware with new capabilities in areas such as cloud, cognitive, analytics, application management, blockchain, machine learning and more. Most importantly, z14 includes enhanced security features — namely, pervasive encryption — to help clients stay one step ahead
Publish At:2017-08-04 20:10 | Read:811 | Comments:0 | Tags:Data Protection Mainframe Application Security Encryption En

Integrating the IoT Into Your Application Security Program

The Internet of Things (IoT) is here, but is your security program ready to handle it? For many reasons, such as network complexity, limited visibility, politics and other challenges that come along with emerging technologies in the enterprise, your organization is likely underprepared. To get up to speed, a good place to start is your application security
Publish At:2017-08-02 12:30 | Read:361 | Comments:0 | Tags:Application Security Network Application Security Testing Ap

Hello, My Name Is Space Rogue

IBM X-Force Red marked its first-year anniversary with the addition of security specialists, including Space Rogue, who increases the team’s impressive roster of talent. Hello, my name is Space Rogue. Well, actually, it’s Cris Thomas, but the security community is most likely to recognize my work over the past two decades under my pseudonym. The
Publish At:2017-07-28 03:30 | Read:316 | Comments:0 | Tags:Application Security Security Services X-Force Research IBM

IBM X-Force Red Turns 1, Expands Into Auto and IoT Practice Areas

Earlier this year, I gave a talk at the RSA Conference about the privacy and security flaws in many of today’s connected cars. The response was nothing short of astounding. As it turns out, people get very nervous when you talk about finding and controlling their cars from a mobile phone. While I didn’t initially set out to find vulnerabilities i
Publish At:2017-07-24 17:25 | Read:129 | Comments:0 | Tags:Application Security Industries Software & App Vulnerabiliti

Multipronged IoT Security to Help Realize the Value of IoT Solutions

The Internet of Things (IoT) is an exciting and innovative technology that can help businesses discover new growth areas and income streams. With all this innovation to differentiate in industry verticals and challenge traditional operating models, it’s easy to overlook IoT security, both in terms of its uniqueness and its importance. What Is Different
Publish At:2017-07-24 17:25 | Read:182 | Comments:0 | Tags:Application Security CISO Cognitive Industries X-Force Resea

The Promise of a Unified App Catalog for the Enterprise

Applications can improve the way we get through the day. There are apps for shopping, getting to your next destination, staying abreast of the latest news, keeping in touch with loved ones — no matter what you need, chances are there’s an app for it. It’s no different for enterprises. Apps have helped revolutionize entire industries and have beco
Publish At:2017-07-11 15:55 | Read:451 | Comments:0 | Tags:Application Security Endpoint Mobile Security Apple Applicat

A Primer on Cross-Site Scripting (XSS)

Cross-site scripting (XSS), which occurs when cybercriminals insert malicious code into webpages to steal data or facilitate phishing scams, has been around almost since the dawn of the web itself. Although it is an older exploit, it still appears frequently enough to land on the OWASP Top 10 list. It has even affected modern websites run by the FBI, the O
Publish At:2017-07-10 21:30 | Read:283 | Comments:0 | Tags:Application Security Application Scanning Cross-Site Scripti

In Case You Missed the Memo: What’s New in IBM’s Application Security Testing?

In the popular office parody “Office Space,” there’s an ongoing joke about a recent memorandum that requires employees to attach cover sheets to their testing procedure specification (TPS) reports when they submit them to management. When fictional corporate executive Bill Lumbergh confronts employee Peter Gibbons at his cubicle to discuss
Publish At:2017-06-28 14:55 | Read:382 | Comments:0 | Tags:Application Security Cloud Security Risk Management Applicat

More Mobile Apps Means More Man-in-the-Middle Attacks

When you travel outside your corporate network with your mobile device, you are much more vulnerable to man-in-the-middle (MitM) attacks. This is how attackers intercept data as it’s being passed from a mobile device to a server. Of course, this is problematic for a number of reasons. CSO Online demonstrated how easy it is to steal all sorts of informa
Publish At:2017-06-21 17:10 | Read:506 | Comments:0 | Tags:Endpoint Mobile Security Application Security Bring-Your-Own

Incorporate Application Security Checks and Balances Into Your Organization’s Citizen Developer Initiatives

The first time I heard the term “citizen developer,” I thought it might be the name of a new blockbuster summer movie. However, citizen development has morphed from a trendy IT catchphrase to a powerful force that’s transforming the way organizations develop software. But as your organization opens its doors to citizen developers, how do yo
Publish At:2017-05-22 11:55 | Read:504 | Comments:0 | Tags:Application Security Application Development Application Sec

Application Security for Beginners: A Step-by-Step Approach

Introduction to web application security: The Web has evolved a lot over time. It started with information exchange, and now it is being used for almost everything, be it entertainment, the health industry, home, etc. From a functionality standpoint, the web has evolved a lot. However, taking a step back and looking from a security perspective there is a
Publish At:2017-05-19 09:40 | Read:522 | Comments:0 | Tags:Application Security

The Security Weaknesses of the iOS: The Aisi Helper, Sandjacking, and Image Threats

Introduction: As we have alluded to in other articles, the world of Information Technology and all of its related hardware and software applications are growing at a very fast pace. In fact, it is so fast that even the consumer, the business, or even the corporation simply cannot keep up with this pace. It seems like hardly one new technology is being adop
Publish At:2017-05-05 19:55 | Read:678 | Comments:0 | Tags:Application Security IOS
