Because the media mostly focus on bigger data breaches, small business owners may assume that hackers only pursue companies with huge amounts of data, and that their own company would be of little interest to hackers. In reality, this is simply not true. Small Businesses - An Interesting TargetSmall businesses store valuable data [...]
The OWASP Top 10 is a powerful awareness document for web application security. It represents a broad consensus about the most critical security risks to web applications.A primary aim of the OWASP Top 10 is to educate developers, designers, architects, managers, and organizations about the consequences of the most common and most important web [...]
This blog post is based on OWASP Transport Layer Protection Cheat Sheet, and it will provide simple rules to follow when implementing transport layer protection for an application.Although the concept of TLS is known to many, the actual details and security specific decisions of implementation are often poorly understood and frequently result in insecure [...]
As software developers author the code that makes up a web application, they need to embrace and practice a wide variety of secure coding techniques.All tiers of a web application, the user interface, the business logic, the controller, the database code and more – all need to be developed with security in mind. [...]
Cyber attacks are a risk for all businesses, regardless of size. Security testing will reveal if your company's security measures can withstand external threats, and whether they are adequate and functioning correctly.Effective network security testing simulates an attack from a malicious source, mapping the possibility of an attack and what consequences it can have [...]
Most software suppliers are highly skilled at what they do. Their developers are experts at building systems, and making things work. Hackers do however have a completely different mindset. Their focus are on how to break things, and on how to exploit functionality in systems. Because of this, software suppliers can benefit from conducting [...]
Cyber attacks are a risk for all businesses, regardless of size. A security test can reveal if your security measures can withstand external threats, and whether they are adequate and functioning correctly. Effective network security testing simulates an attack from a malicious source. Mapping the possibility of an attack and what consequences it can [...]
Exploit kits can download malicious code and malware on your computer automatically while you are surfing the Internet. In this blog post we will have a closer look at this devious form of attack. What are exploit kits?Exploit kits are tools that cyber criminals use to scan your system for vulnerabilities, exploit the [...]
Network security monitoring (NSM) involves collecting and analyzing data, which in turn give companies the opportunity to detect and respond to intruders in their network. In this way, companies can take action before intruders manage to accomplish their missions, and prevent further damage to the company. Network security monitoring is however not a [...]
Most people have several different apps on their phones, but what do you really say yes to when downloading an app? A lot of apps extract far more information than necessary, track users without good reason, and require disproportionate rights to user content. Why should for example an e-book app have access to [...]