security testing
Application security: Getting it right, from the start
Security testing data is “the unsung hero” of securing application development. It’s the backbone of application development quality, compliance and risk management, and rests …
Best practices and challenges in adopting continuous software testing
Businesses must accelerate the shift to comprehensive continuous software testing in order to remain competitive, according to a report released by Capgemini and Broadcom. The …
SecOps teams face challenges in understanding how security tools work
Security professionals are overconfident in their tools with 50% reporting that they have experienced a security breach because one or more of their security products was not …
The rise of continuous crowdsourced security testing for compliance
A large percentage of organizations and institutions are moving toward a rigorous, continuous testing model to ensure compliance, a Synack report reveals. As part of this …
CrackQ: Efficient password cracking for pentesters and red teamers
CrackQ employs automation to make password cracking a faster and more efficient undertaking for pentesters and red teamers. “Regular security testing is …
Most IT pros find red team exercises more effective than blue team testing
More than one-third of security professionals’ defensive blue teams fail to catch offensive red teams, a study from Exabeam reveals. The survey, conducted at Black Hat USA …
Organizations that scan applications in production have a reduced risk of being breached
Despite a significantly increased focus on application security testing, remediation rates for vulnerabilities continue to shrink, according to WhiteHat Security. Setu …
Microsoft’s Attack Surface Analyzer now works on Macs and Linux, too
Microsoft has rewritten and open-sourced Attack Surface Analyzer (ASA), a security tool that points out potentially risky system changes introduced by the installation of new …
Quality Assurance and Testing is a bottleneck to implementing DevOps for many organizations
The practice of Continuous Testing – the process of fast and efficient validation of software releases in agile developments through highly automated tests – is gaining ground …
Two thirds of Android antimalware apps are ineffective or unreliable
Choosing an effective Android antimalware app is a shot in the dark for many users and they may end up in more danger of malicious apps, not less. In fact, as the results of …
Should you trust that Chrome extension? Use CRXcavator to decide
Duo Security has released CRXcavator, a tool that can help end users and enterprises make an informed decision about installing a specific Chrome extension. About CRXcavator …
Making informed decisions: The importance of data driven security
When deciding what product to buy, the information the vendor offers about the product is helpful, but not nearly enough: you need to analyze individual product results and …