Software Development | News, how-tos, features, reviews, and videos
Can WAF be an efficient security control for modern web applications?
The digital certificate switchover from weak SHA-1 to the vastly stronger SHA-2 promises to be brutal, but a new industry proposal could ease the pain
With so many people looking at open source code, its security flaws should be stopped dead -- but it doesn't work that way
Oracle pushes out Java patches promptly, but organizations don't install them; wholesale removal of Java is the only sensible answer
Strengths: Integration, architecture, and end-to-end coverage Weakness: Market visibility
Architecture aligns detection with prevention and remediation to streamline security operations
Security event monitoring systems are often plagued by signal-to-noise problems. Here's how to ensure they produce meaningful alerts
When so many websites link to so many others, hackers can do a lot more damage than sending users to error pages
The growth of app stores has neutralized many old-school malware threats, but it's introduced several risks too
You'd think the seriousness of the latest Java threat would force companies to patch or turn off Java in a hurry. It's not that simple