For too long, code writers have been measured on the features built into their applications - not the potential security vulnerabilities. It's time to change that perspective, says Maty Siman of Checkmarx.
Ethical hackers can play an important role in testing the security of websites, says High-Tech Bridge's Ilia Kolochenko, who describes a new on-demand security assessment service.
Organizations across all industry sectors understand the importance of information security. But turning security awareness into meaningful action - that's the challenge that many midsized entities face, says Sophos' Nick Bray.
When marketing a secure Web gateway worldwide, iboss has to take into consideration the culture of each region and offer customization to meet local needs, says Roy Harris, senior vice president.
When it comes to DDoS attacks, the hacktivists get all the headlines, but there is a robust service industry behind the scenes, supporting these sophisticated strikes, says Darren Anstee of Arbor Networks.
DDoS attacks have grown in sophistication. But so have organizations' dependencies on the services disrupted by DDoS, says Corero's Ashley Stephenson. How should security leaders respond to protect their critical services?
New technology enables organizations to protect applications against reverse engineering and tampering by cybercriminals, says Arxan Technologies' Mark Noctor, who explains how the approach works.
The key to creating secure applications is choosing the right open source components and carefully monitoring them to ensure they remain free of defects, says Sonatype's Wai Man Yau.
On the technical side, authentication is much the same as it was years ago. But the way consumers are using two-factor authentication products has dramatically changed, says Vasco's Jan Valcke.
A new study from Neustar shows DDoS attacks in the United Kingdom are often used as a smoke screen for malware attacks or theft, says security specialist Susan Warner.
When considering security products, companies need to run test scenarios to make certain the product can handle their type of traffic, says Ixia's Richard Favier.
Cloud-based "testing-as-a-service" and "security-as-a-service" platforms can make security more accessible to smaller organizations, says Spirent's Brian Buege.
"If you're not doing the right things on managing vulnerabilities, it doesn't really matter what other kinds of sophisticated things you do - that's the baseline for security," says BeyondTrust's Marc Maiffret.
The fact that the U.S. federal government would, under some circumstances, exploit software vulnerabilities to attack cyber-adversaries didn't perturb a number of IT security providers attending the 2014 Infosecurity Europe conference in London.
As cyber-attacks become more common, organizations must devise new ways to shorten response times and lessen the impact, says Paul Nguyen of CSG Invotas.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing omnibus.healthcareinfosecurity.com, you agree to our use of cookies.