Application and Platform Security

  • Implementing secure private cloud IaaS: Factors to consider

    Video: Dave Shackleford explores security-related factors to consider when planning and implementing private cloud Infrastructure-as-a-Service.

  • Armitage tutorial: How to use Armitage for vulnerability assessments

    Video: In this Armitage tutorial, Keith Barker of CBT Nuggets shows how to use the Metasploit add-on to perform vulnerability assessments.

  • Users may remain vulnerable despite Oracle Java patch release

    Oracle has issued a new security patch for Java, but only 7% deployed the patch that preceded it.

  • virtual patching

    Virtual patching is the quick development and short-term implementation of a security policy meant to prevent an exploit from occurring as a result of a newly discovered vulnerability. A virtual patch is sometimes called a Web application firewall (WAF).

  • Threat prevention techniques: Best practices for threat management

    A successful threat management program requires effective processes, layered technology and user education.

  • Readers' Choice Awards 2011

    Readers vote on the best vulnerability management products, including network vulnerability assessment scanners, vulnerability risk management, reporting, remediation and compliance, patch management and vulnerability management lifecycle products.

  • Black Hat 2011: Hacking technique targets Windows kernel errors

    Researcher Tarjei Mandt uncovered dozens of hidden vulnerabilities deep inside Microsoft Windows.

  • application blacklisting

    Application blacklisting, sometimes just referred to as blacklisting, is a network administration practice used to prevent the execution of undesirable programs. Such programs include not only those known to contain security threats or vulnerabilities but also those that are deemed inappropriate within a given organization. Blacklisting is the method used by most antivirus programs, intrusion prevention/detection systems and spam filters.

  • application whitelisting

    Application whitelisting is a computer administration practice used to prevent unauthorized programs from running. The purpose is primarily to protect computers and networks from harmful applications, and, to a lesser extent, to prevent unnecessary demand for resources.

  • RC4 attack details: Can the RC4 encryption algorithm protect SSL/TLS?

    Expert Michael Cobb provides background on the RC4 encryption algorithm and determines whether a recent RC4 attack signals trouble for SSL/TLS users.

  • How to prevent SQL injection attacks by validating user input

    Expert Michael Cobb discusses how to prevent SQL injection attacks by validating user input and utilizing parameterized stored procedures.

  • Quiz: Choosing a Web security gateway

    Check you're up to speed and ready to choose and deploy a Web security gateway. This five-question quiz will test you on the key points we've covered in the webcast, podcast and article in this Security School.

  • PDF download: Information Security magazine February 2012

    Read about new antimalware strategies and readers' 2012 priorities in this issue of Information Security magazine.

  • Book chapter: Social media security policy best practices

    The following is an excerpt from chapter 6 of the book Securing the clicks: Network security in the age of social media, by Gary Bahadur.

  • Web application attacks: Building hardened apps

    This security school lesson details the myriad of Web application attacks in circulation today, providing detailed explanations of SQL injection attacks, clickjacking, cross-site scripting and cross-site request forgery attacks and other Web-based attacks that lead right to sensitive information stored in a backend database. We’ll also explain how to begin assessing your production Web apps for dangerous flaws and how to architect a software development process that can help you counter these threats in both QA and production.

  • Internet Explorer 8 XSS filter: Setting the bar for cross-site scripting prevention

    The Internet Explorer 8 XSS filter can assist in cross-site scripting prevention. Michael Cobb explains how it works in this expert response.

  • XML firewall security guide: Prevent XML vulnerabilities and threats

    This section of the XML Web services Tutorial highlights the functions and capabilities of the XML firewall, how the features of an XML firewall compare to other firewalls, and offers advice on how to prevent XML vulnerabilities and stop XML attacks.

  • Mitigating Web 2.0 threats

    As companies look to cut costs, Software as a Service has gained ground in the enterprise. Similarly, social networking sites like Facebook and LinkedIn are must-haves in today's workplace. David Sherry reviews how to secure these services and defend against a variety of Web 2.0 threats.