As more organizations accommodate employees' demands to use mobile devices, ensuring the security of the applications on those smart phones and tablets has become critical. That's why NIST is developing new apps testing guidance.
Oracle has stopped supporting XP, but promises the next update for Java 7 -- though not Java 8 -- will still run on XP. But for how long will this continue? Security experts chart XP's "downward spiral."
For too long, code writers have been measured on the features built into their applications - not the potential security vulnerabilities. It's time to change that perspective, says Maty Siman of Checkmarx.
The fact that the U.S. federal government would, under some circumstances, exploit software vulnerabilities to attack cyber-adversaries didn't perturb a number of IT security providers attending the 2014 Infosecurity Europe conference in London.
The chief executive of the Finnish company that uncovered the Internet website vulnerability known as Heartbleed says security practitioners should rethink how they approach IT security by placing a greater emphasis on vetting software for vulnerabilities.
FS-ISAC has issued a white paper with tips on streamlining third-party software risk assessments. One member of a new working group explains why the adoption of standard security controls is so critical.
Senior leaders in business and government are buying in to the need for more cybersecurity investments as well as threat-intelligence sharing, new research shows. But why are they still struggling to hire the right security pros?
The OWASP Top Ten list of security risks was created more than a decade ago to be the start of an industry standard that could bootstrap the legal system into encouraging more secure software. Here are the 2013 updates.
Solutionary is out with its 2013 Global Threat Intelligence Report. What are the top four threats to organizations, and how can they be mitigated? Security strategist Don Gray offers insights and tips.