Effective security awareness curriculum

Posted in Security Awareness on Feb 27, 2017

Covering 8 essential components of an effective security awareness curriculum is the vital first step in improving your security.

3 things secure application developers need

Posted in Implementing Security, Software Development on Feb 06, 2017

Struggling to improve your application security? In many organisations, there's a disconnect between developers and security. Both teams work hard at their respective roles, but without the time and infrastructure necessary for effective collaboration, a significant number of bugs and vulnerabilities make it into finished applications.

How to Manage DDOS Attacks

Posted in Implementing Security on Jan 30, 2017

Not sure of the best way to prevent DDOS attacks against your organisation in the future?

Get team buy-in to your application security program

Posted in Security Management, Software Development on Jan 23, 2017

When you’re looking to improve application security within your organisation, it’s important to get buy-in across the company. You need to create a culture that prioritises security. However, it can be hard for developers to prioritise security, as they are judged on the functionality rather than the security of their code. So today we're looking at 4 ways to get buy-in from your dev team to help them prioritise application security as much as the rest of your organisation.

How to Enforce Developer Security Training

Posted in Security Awareness, Security Management on Jan 16, 2017

If you’re looking to improve application security, there are two crucial steps to take. Your organisation first has to identify and choose a suitable training program and then, when you’re ready to roll it out across the organisation, enforce it.

Application Security Testing Checklist

Posted in Implementing Security, Security Management, Software Development, Testing on Jan 02, 2017

Six steps you can take to ensure the safety and security of your web applications - and the sensitive data they contain.

Ways to Reduce the Costs of PCI Compliance

Posted in Security Management, Strategy on Dec 26, 2016

Many organisations treat PCI compliance as an expensive, stressful and time-consuming annual event.

Can infosec differentiate you from competitors

Posted in Strategy on Dec 19, 2016

Application security is vital for minimising the risk of attacks crippling your organisation, but there's a hidden benefit of exceptional application security that often gets less attention.

How to Write Terrible Code

Posted in Software Development on Dec 12, 2016

There are lots of guides on the web that'll help you to write better code, but what about avoiding terrible code? Here are 10 quick steps to terrible code.

How to Identify Secure Software Vendors

Posted in Implementing Security, Software on Nov 14, 2016

You can invest all the time and money in the world ensuring that your internal systems are safe and secure, but with more and more third-party vendors being used each year, it's all for nothing if they're not secure too.