Cloud computing was not designed for security, although organizations such as Cloud Security Alliance (CSA) and Open Web Application Security Project (OWASP) are making great strides in helping the industry solve the myriad security problems confronting cloud computing. The benchmark guidelines established by the CSA in the document Guidance for Critical Areas of Focus in Cloud Computing are a great first step. This white paper is intended to pick up where the CSA guide left off in terms of defining what a distributed web application firewall (dWAF) should look like in order to meet the standards set within the CSA document.
Putting Web Application Developers In Charge Of Security
Imagine a Web application developer charged with shepherding his enterprise app from development to operation -- including patching. This designated advocate would see the application through its life cycle, which theoretically should yield more secure Web applications, security experts say.
by Katie Serignese. May 19, 2010.
In a recent chat about Web app security (WebAppSec) with Georg Hess, prominent OWASP member and CEO of art of defense, a Regensburg, Germany-based application security provider, some interesting thoughts were raised. Hess discussed the need for a new role that would blend development, IT...
Know Thy Art Of Defence
When we talk about Cloud Computing and security in the same sentence, we immediately think about infrastructure security and a debate kicks off around the topic. Yes, infrastructure security is important and it is the headache of the IaaS provider. As a developer running a web...
Top 5 Security Perils of Forcing Applications onto the Cloud
Applications are typically built from the ground up using programming languages such as PHP, Java or .NET by an internal development team or a third-party vendor with “For Internal Use Only” in mind. There has been a general assumption by...
OWASP updates application vulnerability list
The Open Web Application Security Project (OWASP) has refreshed its list of the top 10 web application vulnerabilities, swapping out two items for new risks.
OWASP, which is a nonprofit community that helps others develop trustworthy web applications, has highlighted unvalidated redirects and forwards as a significant...
Are organizations ready to move their most sensitive enterprise applications to the cloud?
It is no secret that today's most opportune hackers consider web applications to be the preferred means to either load malware onto end-user PCs or to plunder the potential gold mine that are corporate databases. And now that...
Security Vendors Show Innovation at RSA
On Wednesday, we mentioned that Cloud Computing security is the front-and-center focus of RSA 2010 and we took a look at the announcements from some of the biggest players. In this part of our RSA coverage, we’re bringing you announcements from some of the other...
Art of Defence, a distributed Web application firewall (dWAF) provider, announced its cloud-based SaaS solution, hyperguard SaaS; it is available through the GoGrid Cloud. GoGrid customers can access hyperguard SaaS by deploying a GoGrid Partner Server Image (GSI) with hyperguard...
When it comes to security, the race often goes to the paranoid. Companies that effectively dodge, turn, and parry hacker attacks and employee lapses get to stay out of the headlines and don’t have to face costly lawsuits.
But paranoia works best when it’s tempered with clear thinking,...