Web-facing applications: Security assessment tools and strategies

Businesses continue to create web applications that offer improved access to information. Unfortunately, this online presence is vulnerable to security threats, and web application security assessments often fall short.

Consult this expert E-guide to learn more about properly discovering web application threats. Discover the tools you need for protection and how you can mitigate likely threats by consulting this resource now. 

These are also closely related to: "AppDetective"

  • E-Guide: Database Tools for Auditing and Forensics

    Database auditing requires more than just the right tools: those tools also have to be properly configured to offer the information that's needed and database performance that's required.

    This e-guide presents the best practices for tuning database auditing tools. Continue reading this e-guide to learn more about these best practices, which will allow you to audit without forfeiting database performance.

  • Proactive Security: Software vulnerability management and beyond

    For decades, passive perimeter defences have been the order of the day. But modern security professionals are moving to a more pro-active approach to cyber defence, and managing vulnerabilities is a key element of that.

    Essentially, vulnerability management is a pro-active approach to network security through reducing the likelihood that flaws in code or design compromise the security of an endpoint or network, as happened in the Equifax breach. This process typically involves identifying vulnerabilities relevant to a particular organisation through a vulnerability assessment and then mitigating them through a continuous improvement strategy, with special focus on zero day vulnerabilities where appropriate. In many cases, the focus of this is on business applications with some organisations using bug bounties alongside or instead of penetration testing. However, this process cannot be limited to business applications. Information security professionals often need to look beyond code to cloud infrastructure and even IT systems not directly related to the line of business such as building management systems, which are easily and often overlooked. 

Find more content like what you just read:

  • SAST for microservices: Why is it so important?

    In the race to get to market, the last thing you want is to overlook the security of your microservices architecture. Don't leave your development process vulnerable. Click inside to learn about a Static Application Security Testing (SAST) offering that allows you to ensure your microservices are as safe as possible.


  • How to combat cross-site scripting (XSS) attacks

    Discover how a cross-site scripting (XSS) vulnerability was found during an assessment of a financial services website and how the tester managed to get around the malicious script.


  • Your IAM maturity assessment: How does your platform stack up?

    To help security leaders, Forrester developed an IAM maturity assessment tool to help identify gaps in their current IAM strategy and practices and improve their overall security posture. Read on to see where your organization stacks up.


  • Assess the state of privileged access security within your organization

    The commonality in most data breaches and cyberattacks is the exploitation of privileged accounts, credentials and access keys. In this solution brief, learn how CyberArk's Privileged Access Security Assessment Tool can help you evaluate your current privileged access security risk and vulnerabilities.


  • How to secure source code for all your apps, not just the critical ones

    App vulnerabilities originate with the source code, and you'll want to secure more of your source code in both development and production. But it's easier said than done for security pros to review source code continuously. Uncover a new static application security testing subscription service to address this problem.


  • Uncover privileged access security risk with CyberArk zBang

    In this brief, learn about the capabilities of the CyberArk zBang tool and how it creates an in-depth risk assessment that automates and unifies manual scans that uncover privileged access security risk across on-premises environments.


  • Hands-on Oracle Application Express security

    This book extract demonstrates how Oracle Application Express (APEX) can be vulnerable to SQL injection, using sample code.


  • Secure coding: 451 Research's assessment of WhiteHat Scout

    Read through 451 Research's assessment of WhiteHat Scout and how the product broadens WhiteHat Security's capabilities.


  • Lab analysis of Vembu Backup and Disaster Recovery

    In this analysis, openBench Labs assesses the performance and functionality of the Vembu Backup & Disaster Recovery (BDR) data protection solution. Continue reading for 5 featured benefits and detailed analyses on RTO and RPO success factors, lowering snapshot overhead, and more.


  • Protecting against phishing and ransomware attacks

    In this webcast, security expert Ian Hassard, Director of Product Management at Arctic Wolf Networks, shares top strategies on how to protect your business against phishing and ransomware attacks with rapid detection, response and remediation.


  • 4 auditing techniques to help your organization maintain compliance mandates

    More and more regulations are being passed that dictate increased effort be exerted to better secure and protect the accuracy and privacy of enterprise data. So how can organizations ensure they are in compliance with these regulations (and others)? Download this white paper for 4 data access auditing techniques to help maintain compliance.


  • 5 techniques you need to secure your SQL-based apps

    SQL Injection, the hacking technique that has caused havoc since first being identified in 1998, is still being used on a regular basis. Download this e-book for 5 preventive techniques to get ahead of cybercriminals and secure your SQL-based apps from injections, today.


  • The future of databases in APAC

    In this e-guide, read more about the promises of autonomous databases, why relational databases are poor at running digital transformation projects, and why Amazon Web Services decided to switch off its Oracle data warehouse.


  • Demystifying the myths of public cloud computing

    In this article in our Royal Holloway security series, Chris Hodson asks whether public cloud is less secure than private datacentres, and assesses service models, deployment, threats and good practice.


  • App security comparison: SAST vs. Contrast Assess

    Application security coverage is ever more important due to widespread cyber threats, but traditional frameworks fail to appropriately cover all four app security dimensions. Download this whitepaper for a side-by-side comparison of a traditional SAST solution versus Contrast Assess.


  • How to handle requirements for risk assessment methodologies

    Over time, the information security/risk management profession has developed a variety of methods for assessing risk within an organization.


  • Analyst's take: Independent software vendors save money with DataDirect drivers

    Independent software vendors (ISVs) that embed DataDirect drivers can leverage DataDirect’s expertise to improve data connectivity. Using DataDirect helps them reduce cost and risk so they can focus on innovation and competitive advantage.


  • 5 ways to minimize the impact of a cyberattack – Threat detection

    If your organization is looking to improve the effectiveness of your threat detection program, uncover the top 5 recommendations for effective threat detection, today.


  • CW Buyer's Guide: infrastructure on demand

    This 10-page Computer Weekly Buyer's Guide offers advice for organisations looking at infrastructure on demand in the cloud.


  • How to keep compliance audits simple and effective

    With a surplus of frequently evolving regulations to meet, performing regular compliance audits can be a good way to help avoid harmful fees and fines. Watch this webinar to find out how SentryOne can help audit your data compliance standings across any number of SQL Server databases.


  • Best practices for effective MySQL performance tuning

    At a time when 25 percent of users will abandon a database-driven web application after only 3 seconds of delay, slow MySQL database performance is no longer something that can be easily ignored. Read this white paper for several key best practices for effective MySQL performance tuning.


  • Focus: Disaster recovery planning and virtualisation

    We take a good look at how features and functionality built into popular virtualisation environments can help with disaster recovery planning, testing and execution.


  • How to implement a successful application security program

    Network security is everywhere and we have all been hyperaware of securing the perimeter and having our firewalls on high alert. Now, application vulnerabilities are being exploited and it's time to do something about it. In this best practices guide, learn the steps to take towards implementing a successful application security program.


  • 5 steps to migrate to a cloud data warehouse

    Download this resource for the benefits and challenges of cloud data warehousing, and receive a 5-step guide to migrating to a cloud data warehouse.


  • Ensure successful data projects with a data audit

    Performing a comprehensive data audit can be the most crucial step to ensure a project is successful. The results of an audit can enable manufacturers to properly scope project objectives, expectations, and timelines. Use this self-assessment tool to discover how your data ranks under 5 categories.


  • Outsourcing the problem of software security

    This report from analyst group Quocirca assesses the benefits of using on-demand services to ensure security throughout the application life cycle.


  • Explore a 6-step third-party assessment process

    Supply chain partners can be a weak link when it comes to security. Third-party assessments are a great way to manage that risk. But they can quickly become burdensome and create mountains of paperwork without necessarily improving security. In this white paper, explore Expel's 6-step third-party assessment process.


  • How to tackle risk taxonomy

    This Technical Standard provides a taxonomy describing the factors that drive risk – their definitions and relationships. This Technical Standard is not a reference or tutorial on how to assess or analyze risk, as there are many such references already available.


  • Report: Compare 12 top B2B marketing data providers

    Understanding how the right data can give your marketing strategy an edge can be the difference between reaching goal or making excuses. In this report, Forrester Research evaluated the strengths and weaknesses of top B2B marketing data providers. Get your copy of the complete report and create an achievable plan for success in 2019.


  • Assess your readiness for a cloud data warehouse

    Use this Eckerson Group research to learn more about the benefits and challenges of a cloud data warehouse, and assess your business' readiness for a move on factors including agility, security and networking.


  • Bug bounty programs: How to plan, launch and operate one

    Bug bounty programs can be very helpful in finding bugs within your system. They allow your engineering team to secure your systems faster and cheaper than ever before. In this e-book, learn everything you need to know to plan, launch and operate a successful bug bounty program.


  • Securing your code for GDPR compliance

    To help bridge this gap, use this GDPR checklist for how to secure databases combined with best practices in AppSec from PCI DSS, and expand those ideas, checks, and balances into a full application checklist for developers.


  • How does your organization assess compliance?

    CyberGRX assessments apply a dynamic and comprehensive approach to risk management. They aim to provide an in-depth view of how a vendor's security controls will protect against potential threats. Download this resource to learn how you can have an up-to-date view of your third-party portfolio, and spend less time filling in redundant spreadsheets.


  • SQL Server 2017 + open source software = added benefits

    Microsoft SQL Server 2017 already provides the database management you need for your critical data, application, and analytics workloads. Explore this resource to learn how you can use supplemental open-source software with SQL Server 2017 for additional benefits, such as speed, consistency, cost efficiency and more.


  • The essential security operations solution checklist

    Data breaches constantly threaten enterprises today. The biggest challenge that organizations face is coordinating incident response across the organization. Download this resource for access to an essential security operations solution checklist to help your organization better respond to security threats and vulnerabilities.


  • Case study: How UNC achieved authentication success with VR

    Biometrics are often perceived as being more secure than traditional passwords. However, this is not always the case. In this e-guide, learn how researchers at the University of North Carolina at Chapel Hill achieved authentication using a virtual reality model of an authorized user's face.


  • Inside: Template for formulating a business continuity plan

    Use this white paper as a template to formulate a solid business continuity plan for your organization. It includes instruction on auditing the scope for your business impact analysis, using scenario-based alerting, and more.


  • 5 steps to SDN success

    In this infographic, discover the 5 steps on how to be successful with SDN and Vodafone Ready Network.


  • How this platform could simplify your database administration

    The SentryOne database is designed to simplify server management by automating database administration and providing analytics for those databases on a dashboard. Read more about SentryOne's story and how the platform could simplify your organization's database administration.


  • IT in Europe E-Zine – The Cloud Issue

    There is enormous competitive advantage to be gained by organisations that understand how to take advantage of the opportunities for innovation that the cloud represents. In this month's IT in Europe, we aim to help point you in the right direction.


  • Blockchain: Keep transaction records permanently

    Blockchain acts as a permanent transaction history, similar to a distributed database - minus the ability to rollback transactions. Read this white paper for all the introductory information you'll need regarding blockchain.


  • Jargon buster guide to database management

    This Jargon Buster e-guide to contemporary database management is an aid to stepping back and thinking afresh about an area of enterprise IT that has many decades of heritage. Or, as many sometimes (arguably rudely) put it, legacy.


  • e-Guide: Evolving IT security threats: Inside Web-based, social engineering attacks

    Defending IT infrastructure involves understanding attack methods that are effective today. This expert e-guide highlights several characteristics of modern computer security threats to keep in mind as you assess and improve your information security program, and provides recommendations for dealing with them.


  • Open source as an alternative to proprietary relational database tech

    Read this handbook to examine the evolution of open source database software, its potential uses versus commercial database management systems and issues to consider before starting a deployment.


  • How to work around the limitations of in-memory databases

    Read this white paper for an explanation of why InterSystems IRIS data platform could be a viable alternative to in-memory databases and key-value stores for high-performance applications.


  • UK 2015 Cyber Risk Survey Report

    Many UK firms are failing to adequately assess their customers and trading partners for cyber risk, Marsh's UK Cyber Risk Survey reveals.


  • Database evaluation: The most important attributes for delivering value

    Read this white paper for results from a recent ESG survey on database environments, and information on how companies can better prepare themselves with modern database solutions.
