software development

Introducing security into software through APIs

June 5, 2017

Application programming interfaces (APIs) can make life easier for software developers, allowing them to concentrate on what they do best and preventing them from being forced …

Software security assurance: Everybody’s invited

May 22, 2017

As more and more things in this world of ours run on software, software security assurance – i.e. confidence that software is free from vulnerabilities (either …

How secure are mobile banking apps?

April 27, 2017

Do banking institutions have a good handle on the things they need to remediate and new control layers they need to adopt to keep users secure? To answer those questions, …

Scan Ruby-based apps for security issues with Dawnscanner

October 12, 2016

Dawnscanner is an open source static analysis scanner designed to review the security of web applications written in Ruby. Dawnscanner’s genesis Its developer, Paolo …

Project Springfield: Cloud-based fuzz testing for uncovering million-dollar bugs

September 27, 2016

This Moday Microsoft debuted Project Springfield, a cloud-based fuzz testing (aka fuzzing) service that the company has been working on for a quite a while. David Molnar and …

How the EFF was pushed to rethink its Secure Messaging Scorecard

August 11, 2016

As good as the idea behind Electronic Frontier Foundation’s Secure Messaging Scorecard is, its initial version left much to be desired. The idea was to provide a …

Intel Crosswalk bug invalidates SSL protection

August 1, 2016

A bug in the Intel Crosswalk Project library for cross-platform mobile development can open users to man-in-the-middle attacks, researchers from Nightwatch Cybersecurity have …

Review: DevOpsSec

June 14, 2016

About the author Jim Bird, CTO of a major US-based institutional alternative trading system, has more than 20 years of experience in financial services technology, including …