Software vulnerabilities are one of the biggest security problems faced by organisations, and despite continual improvements in security awareness and software development, the problem persists.
Penetration testing (otherwise known as pentesting) is the process of testing your applications for vulnerabilities, and answering a simple question: "What could a hacker do to harm my application, or organisation, out in the real world?"
Why is testing for application security important? Can't an organisation just respond to an incident if, or when, it occurs? Whilst that viewpoint may sound mad to someone security-conscious, it is unfortunately the approach that many organisations worldwide still take today.
Application security is becoming an increasingly crucial requirement for achieving compliance, and without good application security processes in place across your organisation, you can easily fall down on compliance as a result.
How much does your organisation know about the security of the applications it runs and develops? We look at 4 causes of application security visibility problems, in order to protect against vulnerabilities that could put your data at risk.
In the last couple of years there seems to have been an ever-growing number of high-profile vulnerability disclosures: Heartbleed, GHOST, Shellshock. High-profile vulnerabilities like these shine a spotlight on application security.
If you’re working with a third-party service provider, remember it’s still the responsibility of your organisation to ensure that your customers’ data is handled in compliance with PCI DSS standards.
Posted in Implementing Security on May 17, 2016
Password security isn't enough to protect your organisation. To secure your data, and ward off attack, it's time to roll out two-factor authentication. Today, we're looking at 5 helpful tips for implementing safe and secure two-factor authentication.