Hashing and encrypting are two words that are often used interchangeably, but incorrectly so. Do you understand the difference between the two, and the situations in which you should use one over the other? In today's post I investigate the key differences between hashing and encrypting, and when each one is appropriate.
Security Innovation and The Ponemon Institute does a regular study, called The State of Application Security. This study investigates the difference in application security beliefs between developers, security professionals and company executives. The results are pretty shocking.
Posted in Security Awareness on Oct 17, 2016
Not all security breaches happen because of malicious intent. Some of the most common security issues are caused by bad habits ingrained in employees’ day-to-day routines. Thankfully, these potential threats and vulnerabilities are possible to reduce.
Posted in Security Awareness on Oct 10, 2016
If you aren’t measuring your efforts by tracking and analysing your results, you will end up with an incomplete and ineffective program, without the support, funds or focus required to protect your organisation against security breaches.
Application security is becoming an increasingly crucial requirement for achieving compliance, and without good application security processes in place across your organisation, you can easily fall down on compliance as a result. Here we look at a 4-step action plan to achieve application security compliance.
Software developers always need to be upskilling, and increasingly are expected to bring more than just great code to an organisation. There's hundreds of blogs software developers can read to learn, but it's difficult knowing where to begin (or even what's worth reading).
Most developers specialise in a specific aspect of software and application development; each with their own set of unique benefits and potential security vulnerabilities.
To ensure that your development team understand the risks associated with web application development, and are armed with the tools to protect your organisation against them, you need to understand how to train secure web developers.