Asia's Source for Enterprise Network Knowledge

Monday, May 27th, 2019

web application security

Convenience and security – shall the twain ever meet?

IT security teams’ constant balancing between controlling and relaxing access to critical IT resources to mitigate cyber risks accentuates the gulf between organizations’ need to secure information and end-users’ desire for convenient access to it.

HP's Fortify buy puts spotlight on obscure -- but important -- niche

Hewlett-Packard's move this week to buy Fortify software focuses attention on the increasingly important, but still mostly underutilized category of application security products, security experts say.

Privately-held Fortify will provide HP with a set of technologies for on-premise testing of applications through all s

More and more companies address web application security

Companies are making progress in Web application security, patching throngs of website holes, according to the latest research being presented today by WhiteHat Inc.

Up to 97% of websites vulnerable to hacking

It used to be that IT security is about the protection of a company’s database and infrastructure. But the Internet and globalization has thrown this understanding out the door. In fact as organizations move out of the confines of their four walls, vulnerabilities start to creep in.

Adobe addresses ColdFusion exploit

Adobe Systems Inc. has issued a patch fixing a vulnerability in its ColdFusion application development platform that left many websites at risk of intrusion.

The patch addresses ColdFusion security by turning off an uploading feature enabled by default blocking any attempt by a hacker to conduct a website attack.

Web application vulnerabilities continue to increase, says nCircle

Web application security scanners are finding increasing numbers of coding errors, according to the latest statistics from compliance auditing vendor, nCircle.

The latest study by nCircle found that Web application vulnerabilities from 2007 to 2008 increased by 154% and are continuing to grow by 25% so far this year. But the growth occurred even as the total number of overall security flaws is decreasing, said the security vendor.

Month of Twitter Bugs launched

One of the security researchers behind the Month of Browser Bugs is launching a new project documenting API flaws in the social networking platform Twitter.

Social networks threats increase in 2009, says Kaspersky expert

Threats to social networking websites continue to climb at an alarming rate, according to researchers at Kaspersky Lab. So far, more than 25,000 malware samples have been tracked by Kaspersky spreading through social networks and researchers estimate that the number could exceed 100,000 by the end of 2009.

IT managers pressured to relax web security policy, says survey

IT professionals are under pressure from upper level executives to open the floodgates to the latest Web-based platforms, relaxing Web security policy, according to a new survey of 1,300 IT managers.

The survey, conducted by independent research firm Dynamic Markets Ltd., was commissioned by Web, DLP and email security vendor Websense Inc. Dynamic Markets conducted interviews with IT managers in Australia, Canada, China, France, Germany, Hong Kong, India, Italy, the U.K. and the U.S.

Deepening app, web, data security in UTM appliances

In recent months, unified threat management (UTM) solution vendor, Fortinet, has beefed up its web, application and database security capabilities for enterprises of all sizes. Specifically, it introduced the FortiOS 4.0 firmware upgrade for its FortiGate security appliance, and the FortiWeb web application and XML firewall that complements its FortiDB database security product.