Application Security stories
Axonius launches first SaaS risk management product
SaaS management tools typically cater to the business side or the security posture management side, but each side is still prone to visibility gaps and information siloes.
Five reasons you need vulnerability management for business-critical applications
Attacks on business-critical applications can exploit administrator privileges, which can then be used to bypass application controls and compromise data and processes.
Kaspersky uncovers malicious version of Whatsapp mod
"We’ve seen how cybercriminals are spreading malicious files through the ad blocks in such apps, and it’s putting the users at risk."
Severe vulnerabilities in appsec environments taking longer to fix - NTT Security
The average time to remediate the most severe vulnerabilities in an organisation’s IT infrastructure has now reached 256 days.
Juniper Networks unveils Cloud Workload Protection to defend application workloads
"Nearly everything we do on the network involves applications, from web browsing and chat to mobile games and services that allow us to get work done."
State-affiliated threat actors attribute 57% of all known web app incidents over last five years - Report
According to a multi-source report, state-affiliated threat actors attributed to 57% of all known web application incidents over the last five years.
Veracode SoSS report: Significant open-source security gap for vendors and users
Researchers highlight a significant gap in open-source security, with 80% of third-party libraries never getting updated by developers.
Micro Focus' CyberRes named leader in Gartner MQ for Application Security Testing
Developing secure software has become an imperative over the past year as organisations have rapidly adopted and embraced new ways of doing business digitally.”
Researchers identify four new security vulnerabilities in Microsoft Office
Check Point Research has identified four new security vulnerabilities in the Microsoft Office suite.
Cloud-native architectures breaking traditional approaches to application security
Just 3% of organidations have real-time visibility into runtime vulnerabilities, as multicloud environments, Kubernetes, and DevSecOps drive digital transformation.
Bad bots, broken APIs and supply chain attacks biggest challenge facing organisations
More needs to be done to protect against application security threats, particularly newer threats like bot attacks, API attacks, and supply chain attacks.
Entrust launches PKI as-a-Service to better secure cloud apps
The next generation of its high-assurance PKI, Entrust PKIaaS, is designed to be secure, quick to deploy, scale on-demand, and run in the cloud.
Four reasons why application delivery is critical to DevOps
Selecting an application delivery solution that maximises automation and integrates into an existing DevOps environment is critical, writes Radware senior security solutions architect for APAC Yaniv Hoffman.
WhiteHat: 50% of apps are vulnerable
"The state of application security remains very concerning."
AppDynamics launches Cisco Secure Application to protect against vulnerabilities
AppDynamics, part of Cisco, has released Cisco Secure Application, a solution designed to simplify vulnerability management, defend against cyber attacks and protect applications.
Imperva updates WAAP and Data Security offerings with emphasis on simplicity
New simplified subscription plans and security services have been designed to make it easier for businesses to protect critical assets from a growing volume of complex and automated threats.
Dynatrace to offer cloud application security capabilities
Dynatrace is pushing further into the cloud application security space this month, as the company launches a new module as part of its offering across the Software Intelligence Platform.
Trend Micro launches cloud native security solution for modern applications and APIs
“Application security is an invaluable part of the Cloud One platform, integrating technology to provide superior protection for customers deploying applications wherever it makes the most sense for them."
GitHub's code vulnerability scanning tool now generally available
GitHub has recently rolled out code scanning to help developers detect and prevent vulnerabilities from popping up in their open source and enterprise code.
ESET uncovers chat app malware spying and stealing user's data
The Welcome Chat espionage app belongs to a known Android malware family and shares infrastructure with a previously documented espionage campaign named BadPatch, which also targeted the Middle East.
NZ financial firms bolster secure software development with Checkmarx
Two major financial institutions in New Zealand have refreshed their application security measures with the help of security specialist Checkmarx.
Banks failing customers when it comes to mobile app security
"Through these vulnerabilities, hackers can obtain usernames, account balances, transfer confirmations, card limits, and the phone number associated with a victim's card.”
Chillisoft to distribute Imperva security solutions
“Imperva is an exciting addition ... they provide leading solutions for enterprise data security, web application, BOT protection, and CDN markets.”
Cloudera: Training, uptake and security main challenges for the cloud
“Our customers will never be 100% cloud, they’ll always be on premise to some degree. The struggle is, how can we do both?”