Security Report Calls for Enterprise App Lifecycle Revamp

Enterprise mobile and Web app development is riddled with security gaffes, according to a new report from WhiteHat Security, which is calling for a revamp of the development lifecycle.

The firm teamed up with NowSecure and Coalfire to identify security vulnerabilities introduced into the enterprise via traditional applications and more modern apps, including those created with agile development frameworks, microservices, application programming interfaces (APIs) and cloud architectures.

The new 2018 Application Security Statistics Report analyzed data from more than 20,000 applications. It found multiple vulnerabilities in both mobile and Web apps. Some of the high-level findings emphasized by WhiteHat Security include:

The number of serious vulnerabilities continues to increase at a rate that makes remediation nearly impossible if teams continue to rely on traditional methods.

Microservices are riddled with …

[Read more...] about Security Report Calls for Enterprise App Lifecycle Revamp — ADTmag
OWASP Top 10 2016
In today’s world, being constantly connected to people and systems through devices such as smartphones, tablets and computers is pretty much a normal state of affairs. And this ‘always on’ situation will only increase over time: everything will talk to everything else, person-to-person, machine-to-person and machine-to-machine. While this opens up a world of opportunities, the downside is that more and more connections also mean more and more opportunities for attack and compromise. The question remains: can you provide adequate security in a cloud age where everything is connected to everything else?

The good news is that many of these interactions rely on an API (Application Programming Interface) to communicate with an application or system somewhere in the world. APIs have quickly become the primary channel for business transactions in most modern enterprises. When you type in a website address, for example, the request goes out to a remote server belonging to …

[Read more...] about API security: gold rush or wild west?