HackDig : Dig high-quality web security articles for hacker

Chaos Theory of Standardization in IOT

There are numerous standards being followed currently in the IOT space to connect various devices but no single global framework is followed. As Chaos theory focuses on the initial condition of every event meaning that their future behavior is fully determined by their initial conditions, I feel that the IOT scenario is also currently at an initial juncture
Publish At:2016-05-07 07:05 | Read:4480 | Comments:0 | Tags:Breaking News Internet of Things IoT security standards

Underwriters Labs refuses to share new IoT cybersecurity standard

UL, the 122-year-old safety standards organisation whose various marks (UL, ENEC, etc.) certify minimum safety standards in fields as diverse as electrical wiring, cleaning products, and even dietary supplements, is now tackling the cybersecurity of Internet of Things (IoT) devices with its new UL 2900 certification. But there's a problem: UL's refusal to fr
Publish At:2016-04-13 21:20 | Read:3933 | Comments:0 | Tags:Gear & Gadgets Risk Assessment iot open standards standards

Why Algebraic Eraser may be the riskiest cryptosystem you’ve never heard of

A potential standard for securing network-connected pacemakers, automobiles, and other lightweight devices has suffered a potentially game-over setback after researchers developed a practical attack that obtains its secret cryptographic key. Known as Algebraic Eraser, the scheme is a patented way to establish public encryption keys without overtaxing the limi
Publish At:2015-11-18 00:40 | Read:4339 | Comments:0 | Tags:Risk Assessment Technology Lab cryptanalysis cryptography In

SANS 2015 State of Application Security

The SANS Institute has published this year's survey results about application security programmes. In a change to last year's report the authors of 2015 State of Application Security: Closing the Gap have identified and broken down their analysis and reporting into two groups of survey respondents - builders and defenders. Jim Bird, Eric Johnson and Frank Kim a
Publish At:2015-05-18 09:00 | Read:3148 | Comments:0 | Tags:testing information assurance disposal development maturity

Lightning OWASP Project Presentations at AppSec EU 2015

AppSec EU 2015 begins in two weeks. It is being held in Amsterdam at the Amsterdam RAI exhibition and conference centre. With the news yesterday that the number of conference attendee bookings has surpassed 400, together with the training, capture the flag competition, university challenge, application security hackathon, computer gaming, networking and organ
Publish At:2015-05-09 22:15 | Read:3807 | Comments:0 | Tags:requirements SDLC testing development owasp projects appsece

Software Assurance Maturity Model Practitioner Workshop

The OWASP Open Software Assurance Maturity Model (Open SAMM) team are holding a summit in Dublin at the end of March. As part of the two-day Open SAMM Summit 2015 a full day is being allocated to software assurance practitioners and those who want to learn about using the vendor-neutral and free Open SAMM to help measure, build and maintain security throughou
Publish At:2015-02-21 02:50 | Read:3528 | Comments:0 | Tags:testing corrective standards maturity preventative technical

Two ENISA Reports on Cryptography

At the end of last week, the European Union Agency for Network and Information Security (ENISA) published two reports on the use of cryptography. Algorithms, Key Size and Parameters 2014 (PDF) provides guidance on appropriate cryptographic protective measures for the protection of personal data in online systems. The report defines primitives/schemes that can
Publish At:2014-11-25 22:50 | Read:3446 | Comments:0 | Tags:privacy data protection technical standards guidelines preve

HTTP Security Headers

Earlier this year there was a useful post about implementing Hypertext Transfer Protocol (HTTP) security headers from Veracode. On Wednesday in a follow-up post, Isaac Dawson presents an analysis of the security headers of the top one million web sites, and compares the findings with a similar assessment in March. That's quite a lot of sites, but not enough t
Publish At:2014-10-24 07:45 | Read:3006 | Comments:0 | Tags:XSS policies standards hosting trust guidelines technical co

Application Security and Privacy Mapping 2014

The chart detailing the most important guidance, standards, legislation and organisations that can influence mobile and web application development security and privacy in the UK has been comprehensively updated. Principal Influences on UK Applications is managed by me and published on my company's web site as a mind map diagram and text tree, together with a
Publish At:2014-10-11 10:45 | Read:3813 | Comments:0 | Tags:policies standards legislation administrative information as

OWASP Testing Guide v4

The OWASP Testing Guide team of volunteers has announced the publication of version 4 of the OWASP Testing Guide. The creation of version 4 (PDF, HTML) was led by Andrew Muller and Matteo Meucci. The guide is the de-facto standard for performing web application penetration testing. Following an initial overview, introduction and discussion of testing objectives,
Publish At:2014-10-07 19:50 | Read:3076 | Comments:0 | Tags:vulnerabilities technical standards procedures testing
