Gestor de contraseñas: ¿herramienta segura o vulnerable?

Seamos realistas: las contraseñas no son sólo un incordio, encima ni siquiera logran ser seguras. El ciudadano medio tiene docenas de combinaciones de nombre de usuario y contraseña que debe recordar y muchos llegan a acumular cientos de combinaciones que no utilizan. Es imposible recordarlas todas, y ese es un gran motivo para que la […]

Logiciels de gestion de mot de passe : outil sécurisé ou point faible ?

Soyons honnêtes: au-delà du fait que se souvenir d’eux est parfois un casse-tête, les mots de passe ne sont pas en soi les verrous les plus efficaces pour protéger nos données. En moyenne, une personne a des dizaines de combinaisons de noms d’utilisateur et de mot de passe à retenir. Les personnes qui ont une […]

Password managers: Secure tool or single point of weakness?

Let’s face it: Passwords are not only a hassle, they also don’t make the most effective locks. The average person has dozens of username and password combinations to remember. People who are very active online have hundreds of such combinations. It’s just impossible to remember them all, and that’s a big reason why people tend to use the same password […]

Want to improve app security? Do this one thing

While it’s certainly not surprising that simply beginning an application security program reduces application security risks, it is good news. According to application security firm Veracode’s seventh annual State of Software Security (SoSS) report, an impressive 46 percent reduction in flaw density can be achieved just by putting in place formal application security processes and application security scanning. When good […]

Enterprise security still overlooking this weak link

web application security CSC Blogs

Every year, Web-based attacks are among the most popular attack vector against enterprise data. Of course, the layer of the technology stack where attackers focus their attention changes over time. When viruses and malware were spread by disk, exploitation was primarily aimed at the operating system layers. That changed as systems became connected, and enterprises […]

A big — and worrisome — disconnect in enterprise IT security

Enterprise IT security CSC Blogs

When it comes to keeping enterprise systems and data secure, application security takes top billing. No matter how tight and snug an enterprise keeps security controls, an attacker need only exploit a vulnerability in an app to slither on in and grab a foothold. This is why application security and configuration management form such an important baseline to avoid attacks. Good application […]