Code Exploits

Network security vs. application security: Why you need both for strong enterprise risk management

Network security vs. application security: Why you need both for strong enterprise risk management

It can be challenging to juggle both application and network security and know how many of your resources you should devote to each program. Organizations often take an either/or approach, focusing more attention on either application security or network security. However, both are equally important for a comprehensive enterprise risk management strategy.

How to manage IoT application security vulnerabilities more efficiently

How to manage IoT application security vulnerabilities more efficiently

As the number of IoT applications and devices continues to grow, so does the need for improved IoT security—yet the reality is we have a long way to go. A recent article pointed out that more than 2 million security cameras, doorbells, and even baby monitors contain serious IoT vulnerabilities. The worst part is there is no known patch for the common flaws in these everyday devices. 

Common application security challenges & how to overcome them

Common application security challenges & how to overcome them

Application security challenges lie not only in the threats and application vulnerabilities themselves, but also in the processes and approaches taken within the organization to manage application security. A closer look at some of the top application security challenges from both a threat standpoint and a business management view can help you avoid some of the most common pitfalls.

The importance of broken authentication and session management to application security

The importance of broken authentication and session management to application security

Managing usernames and passwords has become a cumbersome task in today’s internet-driven world. However, this is a necessary evil due to the rapid growth in data, advancements in mobile and cloud technologies, and the increasing plethora of security breaches seeming to happen every other day. As a result, authentication and session management has become more advanced to protect the data, systems, and networks that our society relies upon.

Vulnerability Management: Is 100% code and vulnerability coverage realistic?

Vulnerability Management: Is 100% code and vulnerability coverage realistic?

In the world of application security testing, the terms “code coverage” and “vulnerability coverage” are frequently used. But what do they really mean? Essentially, code coverage is the amount of the code that is scanned to identify potential vulnerabilities in a software application. Vulnerability coverage refers to the number of defects or system misconfigurations in the software code that could pose potential threats.

The perfect union: Vulnerability Assessment and Penetration Testing  (VAPT)

The perfect union: Vulnerability Assessment and Penetration Testing (VAPT)

One hundred percent—all of the applications Positive Technologies tested—had some kind of vulnerability. You might think, “Yeah, but how many of those were real, critical vulnerabilities?” Well, ninety-four percent of web applications tested contained a high-severity software flaw. Eighty-five percent of those same applications contained at least one confirmed, exploitable vulnerability.