Secure coding best practices for developers

Cybersecurity risks are steadily increasing, meaning application security is an absolute necessity. It’s no longer sufficient to quickly scan code after writing; secure coding practices must be a part of every developer’s skill set.

This may be new for many developers, but the success of your organization’s applications depends on your ability to weave security into your code from the start.

Access this whitepaper to learn some of the best steps you can take today to have more secure coding practices, and the many risks you’ll be able to address.

These are also closely related to: "Broken Access Controls"

  • BadUSB 2.0: Exploring USB man-in-the-middle attacks

    The uses and capabilities of rogue USB hardware implants in cyber espionage activities are still very much an unknown quantity. Security professionals would benefit from tools capable of exploring the threat landscape while increasing awareness and countermeasures.

    BadUSB 2.0 or BadUSB2 is an investigative tool capable of compromising USB fixed-line communications through an active man-in-the-middle attack. It is able to achieve the same results as hardware keyloggers, keyboard emulation devices and earlier BadUSB hardware implants, thus providing an insight into how these attacks may be prevented.

    Furthermore, BadUSB2 is able to evaluate new techniques to defeat keyboard-based one-time-password systems, automatically replay user credentials, as well as acquire an interactive command shell over USB. 

  • Your GDPR checklist for container security

    Embedding GDPR-related controls into the DevOps cycle can automate compliance efforts and rapidly mitigate security risks.

    This white paper offers personal data protection and GDPR compliance strategies to implement throughout DevOps environments when deploying applications.

    Furthermore, uncover a GDPR checklist for container security and how to address specific GDPR requirements.

Find more content like what you just read:

  • Everything you need to know about IAST

    Interactive Application Security Testing (IAST) is a technology for automatically identifying and diagnosing software vulnerabilities in applications and APIs. IAST continuously monitors your applications for vulnerabilities from within. In this white paper, learn everything you need to know about IAST.


  • Sandnet++ – A framework for analysing and visualising network traffic from malware

    This article in our Royal Holloway Security Series looks at Sandnet++, a framework for analysing and visualising network traffic from malware.


  • Container security according to the National Institute of Standards and Technology

    The NIST (National Institute of Standards and Technology) has released a container security guide to provide practical recommendations for addressing the specific security challenges of container environments. Click here to open the guide.


  • Financially motivated threat actor groups: A detailed view into their inner workings

    Download this report to explore a detailed view into the inner workings of financially motivated threat actor groups, including their preferred tactics and tools. Gaining an understanding of the anatomy of these attacks can help your team to improve visibility into the threats and expedite rapid detection and response.


  • The dangers of IoT botnets vs. traditional botnets

    Gartner estimates that there will be 20 billion connected devices by 2020. Access this resource to learn about the history of IoT botnets and how the rise of connected devices can bring about the rise of dangerous bot attacks.


  • Hitachi ID Privileged Access Manager: Everything you need to know

    In this resource, discover all of the key benefits and capabilities of Hitachi ID's Privileged Access Manager.


  • 5 keys to achieving privileged account management

    One of the most important aspects of an IAM program is the securing, management and governance of privileged accounts. This resource uncovers strategies for successfully managing privileged accounts in order to improve your IAM approach.


  • E-Guide: Preventing and detecting security vulnerabilities in Web applications

    The extent of fundamental security flaws in most applications often requires a re-architecture, but there are some secondary measures information security teams can take to safeguard faulty applications. This expert tip maps out the steps security professionals should take to lock down their Web applications.


  • An analysis of GreyEnergy's phishing attack

    GreyEnergy uses a common infection method, phishing emails with infected documents. However, the malware's code is anything but common – it is well written, smartly put together and designed to defeat detection by cybersecurity products. In this white paper, dive into an analysis of how the malware works.


  • Key takeaways from The Vulnerability Epidemic in Financial Mobile Apps study

    This study examines the perceived security of financial mobile apps. It highlights the systemic problem across the financial services industry of FIs' failure to properly secure their mobile apps. In this research report, explore key takeaways from the study which can be used as a guide to help you secure your mobile applications.


  • DevSecOps best practices for financial service institutions

    Find out how financial service institutions (FSIs) can meet strict security regulations and create a culture of truly secure software development to deliver the best possible products while safeguarding customer data.


  • How WordPress, VPNs, and outdated TLS can increase the risk of security breaches

    In this white paper, learn how WordPress, VPNs, outdated TLS, and web apps built with modern stacks can increase the risk of security breaches and how to reduce that risk.


  • Finding your best security balance for app developers

    Learn how to strike the right security balance for your organization in this whitepaper, and transform security into an opportunity to build customer satisfaction, attract new customers, and further differentiate your business.


  • 5 top attack vectors to protect against

    Recently, there has been an abundance of cyberattacks in the news with popular companies, such as Uber and Equifax. Explore this resource to uncover how to protect against the top 5 attack vectors.


  • How to comply with the NERC CIP standards with the help of Claroty

    Electric industry asset owners are subject to mandatory cybersecurity regulations known as the NERC CIP standards. In this white paper, learn how Claroty's fully integrated platform supports entities' compliance efforts while helping to improve the cybersecurity and operational reliability of power generation and transmission systems.


  • Why is security for DevOps so important?

    DevSecOps has become an essential component to the way we develop, ship, and maintain code, but without proper security practices in place, the DevOps pipeline can lead developers to deploy compromised code. Discover why security for DevOps is so important, as well as tools that can help you build security into your DevOps pipeline.


  • Best practices for securing open source code

    You never want to leave security to chance. Open this report to find best practices for finding and mitigating security vulnerabilities in your open source code.


  • E-Guide: Prioritizing Application Security Concerns

    Application security has significantly grown and developed in sophistication over the past few years, but so have the threats that seek to wreak havoc on your software. Read this expert e-guide to learn best practices on how to ensure your applications are protected with the highest level of security possible.


  • Common types of web threats: Browser-based cryptomining, plugins and more

    Browsers are integral to an effective working environment but they also serve as the perfect cyberattack vector. Web-based attacks are one of the top methods of system compromise and they are on the rise. In this brief, explore common types of web threats.


  • 5 ways to minimize the impact of a cyberattack – Threat detection

    If your organization is looking to improve the effectiveness of your threat detection program, uncover the top 5 recommendations for effective threat detection, today.


  • e-Guide: Evolving IT security threats: Inside Web-based, social engineering attacks

    Defending IT infrastructure involves understanding attack methods that are effective today. This expert e-guide highlights several characteristics of modern computer security threats to keep in mind as you assess and improve your information security program, and provides recommendations for dealing with them.


  • How to fully secure apps from the inside out

    To protect against threats to JavaScript apps, organizations need more than just WAFs; they need a way to secure apps from the inside out, starting with code. Download this white paper to learn about a multilayered approach that can help protect your apps before it's too late.


  • Application Security Handbook: Application Security: Managing Software Threats

    Check out this expert e-book from the editorial team at SearchSoftwareQuality.com to read the following three articles designed to help you address your application security before it's threatened: 'Ten Ways to Build in Security From the Start', 'Secure Your Mobile Apps in Enterprise Integration', and 'How to Boost Your Application Security Savvy'.


  • 5 keys to privileged account security

    Granting privileged access increases the risk of a security breach, no matter what industry your organization represents. This resource provides strategies for preventing security breaches and offers 5 steps to mitigate the risks of privileged accounts.


  • Keep compliance costs down with automation

    Compliance may not be the top line item in your IT budget, but with new regulatory requirements and security standards presenting themselves at an accelerated rate, it soon might be. Download this white paper to learn how you can meet security and compliance requirements at scale across your organization.


  • SECURE TOKENS: PREVENTING TWO-FACTOR TOKEN AUTHENTICATION EXPLOITS

    This expert guide examines the common types of attacks used against two-factor authentication, and discusses what they can mean for future security threats and how you can protect against them.


  • E-Guide: How to Combat the Latest Cybersecurity Threats

    It takes a great deal of time and money to fine-tune IT security in response to evolving IT security threats and attack tactics. This expert e-guide provides an in-depth overview of modern computer security threats and offers technical advice on how to deal with them.


  • Application security: More important than ever

    In this e-guide we look at why application security is more important than ever due to traditional software and cloud-based, web and mobile applications playing an increasingly important role in business.


  • Technical Guide on Emerging Threats

    It takes time and money to adjust IT security in response to evolving attack tactics. As defenders gradually update their security measures, attackers respond accordingly. Such arms-race dynamics lead to threats of increasing sophistication and efficiency.


  • 7 common security mistakes when migrating to the cloud

    The speed of cloud migration is outpacing the speed of security team expansion. How do you keep up? Read on to learn how to prevent such a security regression when migrating to the cloud.


  • Top 5 attack vectors

    This white paper walks through the top 5 security attacks, by providing insights into tactics, techniques and procedures commonly used by threat actors. Then, find out how a managed detection and response strategy can take your security protocols to the next level and protect your organization.


  • Combating Android app repackaging attacks

    This article in our Royal Holloway Information Security Thesis Series looks at how apps repackaged through reverse engineering pose a big security risk to the Android smartphone operating system.


  • Privileged management – Building it into your incident response plan

    Today, cybercriminals can create a blueprint of the entire network and operations. Discover the telltale indicators you're under attack and the plans you need to have in place to protect your privileged accounts.


  • 4 tips for ensuring your code is secure

    According to the Software Engineering Institute (SEI), 90% of reported security incidents result from exploiting vulnerabilities in software code or design. Don't let simple coding errors lead to hacking threats. Take a look at this whitepaper to learn 4 ways to ensure your code is secure.


  • Incident response insights that matter for 2019

    In this report, discover how the CrowdStrike Falcon can deliver the visibility and operational expertise necessary to stop breaches before adversaries can take control of your entire network, as well as stories from the front lines of incident response in 2018 and insights that matter for 2019.


  • Incident response: Key trends and recommendations

    In this report, discover how the CrowdStrike Falcon can deliver the visibility and operational expertise necessary to stop breaches before adversaries can take control of your entire network, as well as stories from the front lines of incident response in 2018 and insights that matter for 2019.


  • Explore how adversaries use fileless attacks to evade your security

    According to CrowdStrike, 8 out of 10 attack vectors that resulted in a successful breach used fileless attack techniques. Access this white paper to learn how fileless attacks work and why traditional techniques fail to protect your organization.


  • How to prevent fileless attacks

    According to CrowdStrike, 8 out of 10 attack vectors that resulted in a successful breach used fileless attack techniques. Access this white paper to learn how fileless attacks work and why traditional techniques fail to protect your organization.


  • The rise of ransomware & the attraction of the cloud

    This white paper zeroes in on the various components of a cloud environment and offers best practices for creating a secure infrastructure. Read on for 11 ways to ensure strong security best practices in your organization.


  • Dropbox Business security features

    In this white paper, explore your collaboration platform options with Dropbox Business. Get an overview of Dropbox product features, and explore the security a Dropbox Business collaboration platform can offer your organization.


  • Explore tips for blending DevOps and security programs

    If you want to build out your DevOps and security programs in order to improve your application security initiatives, vulnerability testing has to be baked into your day-to-day processes. In this e-guide, explore tips for blending DevOps and security in order to help your organization catch vulnerabilities and resolve them quickly.


  • API security: Where the shifting landscape is going

    Over the last couple of years, the API security landscape has significantly shifted and expanded due to growing threats and the evolving life-cycle for deploying, managing, testing and operating APIs. Download this white paper for an overview of how we got here, where things are going, and how the landscape is beginning to rapidly shift and evolve.


  • 10 ways to minimize container security risks

    In this resource, find out the ten key things DevOps should keep in mind when developing and securing containerized applications to minimize the risk posed by loose vulnerabilities.


  • E-Guide: New Malware Threats Require New Antimalware Protection Strategy

    This expert e-guide examines emerging threats and malware that are targeting smartphones, mobile apps, social media, and cloud services. Inside, discover essential strategies and best practices for mitigating these risks and ensuring enterprise security.


  • CW ASEAN November 2016

    Small businesses in the ASEAN region could unknowingly be allowing hackers to access large corporate networks.


  • 6 backup tips to protecting data against ransomware

    Many enterprises look to disaster recovery and backup to protect them (they can't ransom data you have a secure copy of), but that's easier said than done. Discover 6 backup tips to help protect your company from ransomware.


  • Cyber security costs expected to reach an all-time high

    Enter this whitepaper to learn about the security aspects that go into developing and operating digital, cloud-based remote monitoring platforms built to keep data private and infrastructure systems secure from attackers.
