HackDig : Dig high-quality web security articles for hacker

Do You Know Your Responsibilities When It Comes to Container Security?

As you migrate your enterprise to the public cloud or multicloud, you want to realize some of its inherent benefits regardless of what service model you utilize. Whether your goal is cost optimization, scalability or elasticity, the cloud can allow your enterprise to adopt newer, cutting-edge technologies to innovate your business without the burden of havin
Publish At:2020-03-24 07:55 | Read:253 | Comments:0 | Tags:Cloud Security Application Development Application Security

7 Spring Cleaning Tasks to Improve Data Security

This year, March 19 ushered in spring in the Northern Hemisphere — the first time since 1896 that the season has started so early. So why not take advantage of the season’s early arrival to do some spring cleaning, not only of your physical space, but of your data and systems, too? Digital spring cleaning can make your life easier and dramatically impr
Publish At:2020-03-20 10:40 | Read:227 | Comments:0 | Tags:Data Protection Mobile Security Application Security Cloud C

9 Best Practices from X-Force Red for Organizations and Employees

As employers rapidly respond to the need to protect their workforces from potential exposure and spread of the novel coronavirus, also known as COVID-19, many organizations are making the very difficult decision to pivot to a work-from-home model. This means employees will be connecting to corporate networks from whichever device is available: laptops, phone
Publish At:2020-03-18 16:57 | Read:211 | Comments:0 | Tags:Application Security CISO Data Protection Threat Intelligenc

Private Application Access Firm Axis Security Emerges From Stealth

Axis Security, a company that specializes in private application access, emerged from stealth mode on Tuesday with $17 million in funding.Axis Security is based in San Mateo, California, and its research and development is in Tel Aviv, Israel. The company provides a software-as-a-service (SaaS) solution named Application Access Cloud that is advertised as an
Publish At:2020-03-17 13:19 | Read:199 | Comments:0 | Tags:NEWS & INDUSTRY Application Security Identity & Acce

PE Firm to Buy Application Security Specialist Checkmarx at $1.15 Billion Valuation

Checkmarx, a provider of tools for testing source code for security issues, announced on Monday that private equity firm Hellman & Friedman (“H&F”) has agreed to acquire a majority of the Company from Insight Partners in a deal valuing Checkmarx at $1.15 billion.Insight Partners, which will continue to own a substantial minority interest in Checkmarx
Publish At:2020-03-16 14:33 | Read:201 | Comments:0 | Tags:NEWS & INDUSTRY Application Security Vulnerabilities

Player vs. Hacker: Cyberthreats to Gaming Companies and Gamers

The video gaming landscape has changed drastically over the past few decades. Some of these changes have led to considerable developments in the cyberthreat landscape as it applies to gaming companies, the games themselves and the user base that enjoys them. Integration of the cloud, mobile apps and social networks, the diversity of games and platforms, th
Publish At:2020-03-16 10:45 | Read:292 | Comments:0 | Tags:Application Security Software & App Vulnerabilities Threat I

U.S. Senators Seek to Ban TikTok on Government Devices

Sen. Josh Hawley (R-MO) and Sen. Rick Scott (R-FL) this week introduced a bill aimed at banning the use of the China-made TikTok application on government devices.Referred to as the “No TikTok on Government Devices Act,” the new legislation would prevent government employees, diplomats, and politicians from downloading or using TikTok or other applications f
Publish At:2020-03-13 10:40 | Read:331 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Application Security Com

Firefox 74 Patches Vulnerabilities, Disables TLS 1.0 and 1.1

Mozilla this week released Firefox 74 to the stable channel with several security improvements, including patches, a new add-ons policy, improved privacy, and versions 1.0 and 1.1 of the Transport Layer Security (TLS) protocol disabled by default.With TLS 1.0 and TLS 1.1 considered vulnerable to various types of attacks, including BEAST, CRIME and POODLE, th
Publish At:2020-03-11 13:45 | Read:361 | Comments:0 | Tags:NEWS & INDUSTRY Privacy Application Security Vulnerabili

Google Launches Free Fuzzer Benchmarking Service

Google this week announced the launch of FuzzBench, a free and open source service for evaluating fuzzers.The fully automated service was designed to allow for an easy but rigorous evaluation of fuzzing research, in an attempt to boost the adoption of fuzzing research – an important bug finding technique.With the new service, Google wants to make it easier t
Publish At:2020-03-03 13:47 | Read:216 | Comments:0 | Tags:NEWS & INDUSTRY Application Security Vulnerabilities Man

Advancing DevSecOps Into the Future

If DevOps represents the union of people, process, and technology to continually provide value to customers, then DevSecOps represents the fusion of value and security provided to those same customers. The philosophy of integrating security practices within DevOps is obviously sensible (and necessary), but by attaching a different label perhaps we are likely
Publish At:2020-03-03 09:59 | Read:206 | Comments:0 | Tags:INDUSTRY INSIGHTS Application Security

Framework Isolates Libraries in Firefox to Improve Security

A group of researchers has built a sandbox framework that can improve the security of Firefox by isolating third-party libraries used by the browser.Similar to other major browsers, Firefox relies on third-party libraries to render content — such as audio, video, and images — and these libraries often introduce additional vulnerabilities, researchers from th
Publish At:2020-02-27 12:23 | Read:272 | Comments:0 | Tags:NEWS & INDUSTRY Application Security Vulnerabilities

A Guide to Easy and Effective Threat Modeling

Threat modeling is a process by which potential threats can be identified, enumerated and prioritized, all from a hypothetical attacker’s point of view. The purpose of threat modeling is to provide defenders with a systematic analysis of the probable attacker’s profile, the most likely attack vectors and the assets most desired by an attacker. Ef
Publish At:2020-02-27 09:41 | Read:444 | Comments:0 | Tags:Application Security Security Intelligence & Analytics Appli

Attacking the Organism: Financial Services

When it comes to high-value assets, few industries can come close to financial services. It’s not just the obvious fact that banks are giant warehouses of money—banks represent critical pieces of infrastructure that entire economies rely upon. And while the likes of George (don’t call him Baby Face) Nelson may have made a decent living robbing physical
Publish At:2020-02-20 09:43 | Read:328 | Comments:0 | Tags:INDUSTRY INSIGHTS Application Security

Microsoft Trials Election Security Solution in Wisconsin

Microsoft representatives are in Fulton, Wisconsin, on Tuesday to conduct the first real-world trials for ElectionGuard, the company’s open source election security solution.Introduced in May 2019, the free software development kit (SDK) was created in collaboration with Galois, aiming to provide end-to-end verification of elections. Moreover, the tool opens
Publish At:2020-02-18 12:14 | Read:337 | Comments:0 | Tags:NEWS & INDUSTRY Application Security Audits Security Arc

What Is a DDoS Attack?

After 20 years of prominence, distributed denial-of-service (DDoS) attacks may be causing more devastating effects than ever. The first DDoS attack occurred way back on July 22, 1999 when a network of 114 computers infected with a malicious script called Trin00 attacked a computer at the University of Minnesota, according to MIT Technology Review. The infect
Publish At:2020-02-15 17:18 | Read:240 | Comments:0 | Tags:Network Security Intelligence & Analytics Application Securi


Share high-quality web security related articles with you:)


Tag Cloud