NIST proposes Secure Software Development Framework

cyber-security-framework

Ever since Bill Gates fired off his famous Trustworthy Computing memo in January 2002, developing secure software has been a hot topic of discussion. It was important before then, for sure, but it was often overlooked. It took a series of high-profile worms such as Code Red and Nimda and a series of breaches to […]

How application security testing needs to change in an agile, DevOps world

security-text-on-screen

In today’s dynamic cyber-attack landscape, a robust security strategy that looks at all attack surfaces is critical. Enterprises must tirelessly assess their current state of readiness and continually improve governance and processes to stay a step ahead of malicious actors. Applications are one of the preferred attack vectors with up to 90% of successful breaches […]

Gestor de contraseñas: ¿herramienta segura o vulnerable?

Seamos realistas: las contraseñas no son sólo un incordio, encima ni siquiera logran ser seguras. El ciudadano medio tiene docenas de combinaciones de nombre de usuario y contraseña que debe recordar y muchos llegan a acumular cientos de combinaciones que no utilizan. Es imposible recordarlas todas, y ese es un gran motivo para que la […]