Apple app developer news Android app developer news

Application Security News

App security news so developers can protect their code, and users.
Behavioral and biometric mobile authentication will end passwords

Behavioral and biometric mobile authentication will end passwords

Friday, September 15, 2017 by

You can say this about passwords: they're incredibly resilient. Not in a bulletproof kind of way but, more precisely, in terms of how long they've been around. According to Robert Svensson in his book "From Hacking to Report Writing: An Introduction to Security and Penetration," the first computer system to use passwords was built by researchers at the Massachusetts Ins...

Carriers team up to provide better mobile authentication

Carriers team up to provide better mobile authentication

Thursday, September 14, 2017 by

Mobile users are faced with the challenge of managing dozens of difficult-to-remember passwords for many applications. Even with the best user practices, hackers can social engineer passwords from users, leaving consumers and enterprises vulnerable to identity theft, bank fraud, fraudulent purchases and data theft.To help tackle this issue, AT&T, Sprint, T-Mobile an...

Four privacy questions every developer needs to answer

Four privacy questions every developer needs to answer

Wednesday, September 13, 2017 by

Over the past twelve months, the internet-connected doll My Friend Cayla went from one of the hottest toys of the holiday season to an internationally-classified "espionage device." The doll was the subject of an FBI warning, banned from sale or ownership in Germany, and eventually dropped from every major retailer in the United States. Despite the nearly universally hi...

Tips for securing container deployments

Tips for securing container deployments

Friday, September 01, 2017 by

Container deployments are still susceptible to the regular threats that other types of deployments are - including DDoS and cross-site scripting attacks. In fact, hackers often take advantage of compromised containers to scan sensitive data, download malware, or privilegeunauthorized access to any of your containers, hosts or data centers.Fei Huang is the CEO of NeuVect...

The HBO hack reveals how vulnerable data is to black hats

The HBO hack reveals how vulnerable data is to black hats

Thursday, August 31, 2017 by

The HBO hack is the latest in a string of high-profile hacks over the last two years (Dropbox, Yahoo!, UK Ministry of Health) where a handful of vulnerable servers were compromised and used to take down and steal information. Studies have shown the next year represent a turning point in the digitization of enterprise content. A recent Forrester study commissioned by Alf...

Codeless security integrations by Blackberry and Appdome announced

Codeless security integrations by Blackberry and Appdome announced

Tuesday, August 15, 2017 by

BlackBerry Limited and Appdome, a cloud hub for mobile app integration, announced they are enabling codeless integration of secure voice, video and messaging capabilities. Available under Appdome’s newest service category, Secure Messaging, the BBM Enterprise SDK (software development kit) offers a growing set of secure communications capabilities that mobile app develo...

Veracode announced two new key integrations

Veracode announced two new key integrations

Friday, August 11, 2017 by

Veracode, a software security company acquired by CA Technologies, has announced the Veracode HPE Application Lifecycle Manager (ALM) Flaw Synchronizer Plug-in, which empowers development and QA/release engineers to fix security vulnerabilities early in the Software Development Lifecycle (SDLC). The company also announced an enhanced integration to the Veracode Applicat...

NoSQL databases can now use Hackolade's CLI

NoSQL databases can now use Hackolade's CLI

Tuesday, August 08, 2017 by

With GDPR quickly approaching, Hackolade has announced its Command Line Interface (CLI) to help companies with the pending GDPR (General Data Protection Regulation) regulatory compliance (scheduled for May 25, 2018), along with overall corporate data governance needs. The CLI is currently available for the following NoSQL databases: MongoDB, Couchbase, DynamoDB, and Azu...

Developers are most wary of these technologies being hacked

Developers are most wary of these technologies being hacked

Wednesday, August 02, 2017 by

In a new survey by Netsparker Ltd., a provider of web applications security, developers agreed that the government and financial services are the two sectors most vulnerable to hacking and that smart home IoT is the most vulnerable technology.Propeller Insights conducted the recent survey of U.S.-based software developers for Netsparker from July 5-7, 2017.Government mo...

Checkmarx acquired Codebashing

Checkmarx acquired Codebashing

Tuesday, July 25, 2017 by

Checkmarx has acquired Codebashing, an application security education company that delivers Game-like AppSec Training for Developers.Traditional secure coding education is ineffective and cannot scale to deliver continuous and across the board secure coding knowledge. Long training courses disrupt the developer’s daily routine and don't address the specific challenge as...

HUMANOBOT can discover non-human activities trying to commit fraud

HUMANOBOT can discover non-human activities trying to commit fraud

Tuesday, July 25, 2017 by

SecuredTouch's HUMANOBOT behavioral biometrics tech has recently fine-tuned its platform to better detect non-human activities like bots and emulators trying to commit fraud. HUMANOBOT detects non-human behavior generated by bots, malware, and automated scripts and stops fraud-focused emulators within mobile applications.The system recognizes these behaviors using advan...

InnoVault lets you embed end-to-end data security encryption to apps

InnoVault lets you embed end-to-end data security encryption to apps

Friday, July 21, 2017 by

Tozny, which has built a secure, privacy-preserving and password-free mobile authentication system, has announced the launch of InnoVault, an easy-to-use toolkit allowing developers to embed end-to-end data security encryption capabilities into their websites, apps, or software. As a result, developers can now raise the level of their data security and privacy managemen...

Software developers are easy targets for hackers study finds

Software developers are easy targets for hackers study finds

Thursday, July 20, 2017 by

Netsparker Ltd., a company in the web applications security industry, has released survey results showing that most software developers make themselves easy targets for hackers, even when they are behind a corporate firewall. The primary reason is not that their web server software is out of date, however. Instead, it is largely the result of developers running vulnerab...

Metadata can be deadly in cyber exploitation

Metadata can be deadly in cyber exploitation

Tuesday, July 18, 2017 by

When someone says "There's no cause for concern, it's only metadata" you can send them this:Metadata, or “data about data,” is collected and recorded to describe data, identify trends, administer algorithmic solutions, and model potential scenarios. When one understands how to make sense of seemingly random metadata or how to pair the data with other exfiltrated data po...

Cloud native app firewall Twistlock 2.1 launches

Cloud native app firewall Twistlock 2.1 launches

Monday, July 17, 2017 by

Twistlock, a provider of cloud container security solutions, has announced the availability of Twistlock 2.1. The latest release of their flagship product includes a first of its kind cloud native app firewall, vulnerability risk ranking that uses knowledge of an enterprise’s unique environment to prioritize what to fix first, a brand new dashboard and integrated secret...

New biometric authentication could be a password killer

New biometric authentication could be a password killer

Wednesday, July 12, 2017 by

Pramati Technologies has announced the ThumbSignIn biometric authentication SaaS platform for mobile and web applications and additionally its certification by the FIDO Alliance. The platform enables enterprises and service providers to deploy strong authentication solutions that reduce reliance on passwords and protect against phishing, man-in-the-middle, and replay at...

Apperian announces new security capabilities

Apperian announces new security capabilities

Monday, July 03, 2017 by

Apperian, an Arxan company and provider of mobile application management (MAM) and security solutions, has announced several platform enhancements, which increase the security of enterprise mobile app data. These updates take advantage of native device capabilities, multiple industry protocols and additional password controls, to provide a solution for distributing secu...

With DevOps security must work differently

With DevOps security must work differently

Tuesday, June 27, 2017 by

Because “software is eating the world,” as Mark Andreessen famously noted, application security gets harder every day; every line of code written opens organizations to new vulnerabilities and breaches. Furthermore, legacy solutions, such as static analysis, dynamic analysis and web application firewalls have failed to keep pace with Agile and DevOps practices. Teams ne...

VASCO launches overlay detection in DIGIPASS

VASCO launches overlay detection in DIGIPASS

Thursday, June 22, 2017 by

VASCO Data Security International, Inc., a provider of identity, security and business productivity solutions, has announced its ability to help organizations detect and mitigate mobile application overlay attacks through added functionality in the DIGIPASS for Apps Runtime Application Self-Protection (RASP) module.Overlay attacks are increasingly being deployed to stea...

Why runtime application self-protection is critical for app security

Why runtime application self-protection is critical for app security

Tuesday, June 20, 2017 by

Today most of us go about implementing security from the outside in. The common practice is to start by defining a perimeter and trying to defend it with various security tools. Even though perimeters have been porous for more than a decade, we still can’t give up this notion that if we build a better wall we can keep our enterprises safer.Certainly that is where most e...

Next Page >>Last >>     

Subscribe to App Developer Daily

Latest headlines delivered to you daily.