-
Application security test finds financial software lacking
Majority of financial services applications studied by firm weren't sufficiently secure. Article | 22 Sep 2010
-
Citi releases iPhone banking app security fix
Flaw in mobile banking application mistakenly saved customer account data on iPhone. Article | 26 Jul 2010
-
SANS: Application threats, website flaws pose biggest security threats
A new report from the SANS Institute calls flaws in client-side applications often the most ignored by IT professionals. Article | 15 Sep 2009
-
PA-DSS secures payment applications
PA-DSS, Visa's new payment application guideline, is here. What changes will financial services organizations have to put in place in order to educate application developers? Article | 24 Mar 2008
-
Finjan: Attackers wild about widgets
In a new report, security firm Finjan says the digital underground will have no trouble finding flaws to exploit in the widgets most Web users take for granted. Article | 17 Jan 2008
-
Adjusting a Web application's ability to cache in, log out
Expert Michael Cobb explains why it's easy to control an application's log-out settings -- and more difficult to manipulate client-side caching. Interview | 13 Jan 2008
-
Financials and the need for software regression testing
Attackers target financial-services websites, making it critical that financial firms include regression testing and version control in their software development practices. Tip
-
Why financials must implement Web application security best practices
The financial services sector is a favorite target for attackers, making it critical that the industry dedicate more resources to securing Web applications. In this tip, Russ McRee describes his research into vulnerable financial Web applications and... Tip
-
The PCI compliance case for source code review
Web application firewalls won't protect against application logic flaws. Michael Cobb explains why source code review can. Tip
-
The case for source code review
Michael Cobb examines the options for choosing Web application firewalls for PCI DSS compliance. Tip
-
Software testing within financial firms
In this tip, we explore the fundamentals of software security testing at financial services firms. Tip
-
Static and dynamic code analysis: A key factor for application security success
In this tip, Michael Cobb examines how static and dynamic code analysis processes can help organizations identify coding flaws and mitigate Web application-based attacks, and offers three ways to improve your organization's overall application security st... Tip
-
Improve Web application security with threat modeling
By now, most information security practitioners agree that the industry-wide software development life cycle needs to improve, but there are concerns that these improvements will increase enterprises' costs. In this tip, Web security expert Michael C... Tip
-
Inside application assessments: Pen testing vs. code review
Learn the advantages and limitations of two of the most popular application security offerings: penetration testing and code review. Tip
-
virtual asset
A virtual asset is a representation of currency in some environment or situation, such as a video game or a financial trading simulation exercise... Word
-
Web application threats: What you really need to know
In this special presentation, Mike Rothman details today's top Web application threats and pragmatic methods to integrate security into the Web application development process. Video
About Secure software design
Bad software is at the heart of many computer security issues. Get advice, tips and best practices from the experts about secure software design, including secure software development life cycle processes, how to develop and implement traditional and Web applications via secure sessions, caching, cookies and analysis.