Introducing Security into Mainstream Development – Part 1

We held a webcast last week with Mark Wireman of OpenSky, who is an expert in application security and has worked in this space for 15 years. We appreciate Mark taking the time to share his experience securing applications in the enterprise and responding to the onslaught of mobile-based entry points in the application development process. During the course of the hour, we received a number of interesting questions and comments and thought they would make great topics for a few blog posts. Stay tuned for a follow-up post from Mark, which will include answers to several questions on Appsec in agile development. Defensive vs. Offensive There was a question … Read More

Managing Security Risks with the Rise of Mobile and Cloud

The perimeter surrounding enterprise applications has expanded exponentially since the birth of mobile and cloud, and IT security professionals are looking in all the wrong places to try and find a fix. Traditionally, organizations secured their data using a walled-off perimeter — like the walls of a medieval castle — which contained a multitude of layers to help mitigate the risk of data compromise or exposure. The advent of mobile has altered that landscape dramatically, essentially opening up the front door of the castle and allowing that data to escape into unknown territory — the mobile device. I’ll be presenting a webinar on this subject, Managing Security Risks with the … Read More

C-suite: It’s time to get techy

If you’re snickering at the idea of your CIO talking Java (or any programming language for that matter), trust us, you’re not alone. However, CIOs can no longer afford to be in the dark about their IT team’s choice of programming language and tools. Initial results from CAST’s most recent CRASH report, released today, reveal which enterprise Java framework delivers the most secure and reliable applications. With this information, C-suite executives can better understand how choices made in IT can impact the security and reliability of enterprise applications. Click over to read the initial results released this morning, or sign up for our webinar on Jan. 29, Java Applications … Read More

Android Application Failures Still Try Our Souls

Happy Independence Day everybody! I only hope those of you reading this on your Android device have not turned it sideways or performed some other seemingly innocuous action that has made this application fail. I say this because I recently read yet another blog about “workarounds” to compensate for application failures inherent in Android devices. These pieces have become almost ubiquitous over the past 18 months to the point where one would think Google would just go back and perform the structural quality analysis it needs to do to address the issues. Their failure to do so reminds me on this day before Independence Day of the opening lines of … Read More

‘Gate Closings’ Before Gimmicks

With all of the security issues appearing in the press these days, I’m often reminded of a conversation I had with John Kilroy, the former CIO at Cape Cod Hospital. At the time I was doing media relations work for a company in the Health Care IT industry and was working with Kilroy, who has been retired for the last five years, on an article for one of the publications that covers that space. The big issue back then was the Health Insurance Portability and Accountability Act, better known as HIPAA. The underlying security issues behind HIPAA are very similar to those being faced by every organization that keeps its … Read More

Fix a Hole, Stop a Bug

After a very mild winter this year, the Northeast part of the country found itself stuck in a prolonged “early spring” where it seemed like but for a couple of days temperatures refused to warm up from the 40’s and 50’s. We seemed to be stuck in the ether between “actual cold” and “comfy warm” for quite a while until the past week or so. When finally the temperatures turned upwards into the 60’s and 70’s, I happily threw open all my windows in the house to “air the place out.” Apparently, though, the insect population of my neighborhood seemed to be waiting for this moment as well and took … Read More

Living Up to Standards

By definition, standards are supposed to be a set of bare minimum requirements for meeting levels of acceptability. In school, the students who took the “standard” level courses were those who were performing “at grade level” and just focused on graduating. Every April in the United States we need to decide whether we will take the “standard deduction” – the bare minimum we can claim for our life’s expenses – or whether we have enough to itemize our living expenses and therefore deduct more from our base income before taxes. In other words, standards are the vanilla ice cream of business requirements. When it comes to technology, standards are no … Read More