Join us for a free mobile app security threats webinar on Tuesday
Friday, December 7, 2018 by Richard Harris
In 2016, a record 3 billion Yahoo accounts were hacked, and Uber reported that hackers stole the information of over 57 million accounts. Then in 2017, 412 million user accounts were taken from Friendfinder’s sites, and 147.9 million consumers were affected by the Equifax Breach. In 2018, Under Armor said that that it's My Fitness Pal app was hacked, affecting...
Fortnite for Android is a trailblazing risk for mobile banking
Tuesday, August 14, 2018 by Sam Bakken
CEO Tim Sweeny of Epic Games, the publisher of the wildly popular Fortnite game, is on a mission to “advance the openness of all platforms” - not to mention side-step Google’s 30% take of developer proceeds - by distributing Fortnite for the Android platform via their website rather than the Google Play store. I applaud a maverick challenging the statu...
Avoid mobile cybersecurity threats by checking the source
Thursday, July 5, 2018 by Sam Bakken
Earlier this month IT news organizations around the globe reported that Epic Games’ popular Fortnite game was being counterfeited and malicious actors were, in fact, lacing the imposter apps with malware.
We’re only human, and people unwittingly let their guard down in anticipation of something they're passionate about, or when they think they might b...
The battle of biometric security coming in 2018
Friday, November 3, 2017 by Kevin Tussy
Fingerprint sensors first appeared in smart devices in 2007 and then gained momentum as a 4-digit PIN code replacement in 2013's Apple iPhone 5S. Hailed as the future of authentication by some, fingerprint's security weaknesses were quickly exposed by the children of sleepy dads, cats' paws and gummy bears. Still, the lure of convenience today and the promise of securit...
Stop the menace of Android rooting malware attacks with RASP
Monday, September 25, 2017 by Frederik Mennes
One of the key security issues facing organizations that support Android devices is the risk of rooting malware. A number of malware families on the Android mobile OS attempt to obtain root access once installed because the elevated privileges gained come in handy to perform malicious activities.
What you need to know about Tordow v2.0 and Pegasus
The To...
NoSQL databases can now use Hackolade's CLI
Tuesday, August 8, 2017 by Richard Harris
With GDPR quickly approaching, Hackolade has announced its Command Line Interface (CLI) to help companies with the pending GDPR (General Data Protection Regulation) regulatory compliance (scheduled for May 25, 2018), along with overall corporate data governance needs. The CLI is currently available for the following NoSQL databases: MongoDB, Couchbase, DynamoDB, and Azu...
With DevOps security must work differently
Tuesday, June 27, 2017 by Richard Harris
Because “software is eating the world,” as Mark Andreessen famously noted, application security gets harder every day; every line of code written opens organizations to new vulnerabilities and breaches. Furthermore, legacy solutions, such as static analysis, dynamic analysis and web application firewalls have failed to keep pace with Agile and DevOps practices. Teams ne...
App Verify SDK gets update for new iOS capabilities
Wednesday, June 21, 2017 by Richard Harris
TeleSign, an end-to-end communications platform as a service (CPaaS), has announced new iOS capabilities for its mobile app verification service, App Verify. App Verify for iOS is a lightweight software development kit (SDK) that enables mobile app developers to streamline the onboarding account verification process to assist with increasing conversions and providing id...
Why runtime application selfprotection is critical for app security
Tuesday, June 20, 2017 by David Strom
Today most of us go about implementing security from the outside in. The common practice is to start by defining a perimeter and trying to defend it with various security tools. Even though perimeters have been porous for more than a decade, we still can’t give up this notion that if we build a better wall we can keep our enterprises safer.Certainly that is where most e...
Invisible payments inside mobile apps problem
Monday, June 19, 2017 by Richard Harris
Have you ever wondered how Uber automatically charges you for your ride without making you pull out your credit card or sign a receipt? "Invisible payments" like these are a growing trend and aside from ride sharing, the technology is now being implemented by companies with Amazon and major restaurant chains. For brands, invisible payments enhance the consumer experienc...
DevSecOps will help security and developers play nice
Thursday, June 15, 2017 by Richard Harris
Veracode, a security software company acquired by CA Technologies, has announced the results of a study examining the relationships between application developers and security teams.The study, conducted in conjunction with Enterprise Strategy Group (ESG), shows that despite the pervasive belief that security and development teams have conflicting priorities, initiatives...
Enterprise threat dubbed HospitalGown infests thousands of apps
Tuesday, June 6, 2017 by Richard Harris
Appthority, an enterprise mobile threat protection company, published research on a newly discovered backend data exposure vulnerability, dubbed HospitalGown, that highlights the connection between mobile apps and insecure backend databases containing enterprise data. Appthority documented more than 1,000 apps with this vulnerability, and researched in detail 39 applica...
Get mobile printing up and running: What CIOs need to know
Wednesday, May 24, 2017 by Brent Richtsmeier
Enterprise workplace infrastructure is changing. Gartner found that total mobile sales into the enterprise globally are greater than 200,000 per year, while PCs are half that. The PC installed base has been on a steady decline since 2014, while the mobile installed base is on the rise - meaning mobile is set to surpass the PC installed base in 2017.However, even as more...
Route the Internet faster with Argo from Cloudflare
Monday, May 22, 2017 by Richard Harris
Cloudflare has announced Argo, a service that intelligently routes traffic across the Internet for a faster, more reliable, and more secure online experience.The Internet is inherently unreliable. Its massive collection of networks from different providers experiences delays and outages all the time. Internet users experience these problems as slowness reaching websites...
Improve mobile app security by turning it into code
Monday, May 8, 2017 by Jeff Williams
Why is application security such a pain? One of the hard problems with application security is that there are a zillion different ways that things can go wrong. Far more than any one person can be expert in. It's unfair to think that a software developer, who is already supposed to be expert in all the latest software languages, frameworks and best practices, should als...
NodeSource N|Solid for Alpine Linux
Wednesday, April 19, 2017 by Christian Hargrave
NodeSource, the Node.js company, has announced the release of NodeSource N|Solid for Alpine Linux, the newest addition to its enterprise-grade Node.js platform that enables a secure, reliable and extensible platform for Node.js applications. The latest release makes it easier for teams using Docker containers with the popular Alpine Linux distribution to leverage the en...
DOD releases PostgreSQL security technical implementation guide
Friday, March 24, 2017 by Richard Harris
Crunchy Data, a provider of open source PostgreSQL, has announced the publication of a PostgreSQL Security Technical Implementation Guide (STIG) by the U.S. Department of Defense (DoD), making PostgreSQL the first open source database with a STIG. Crunchy Data collaborated with the Defense Information Systems Agency (DISA) to evaluate PostgreSQL against the DoD’s securi...
Intentbased mobile app security: It's harder than you think
Thursday, March 23, 2017 by John Morello
Recently, intent-based security has become a buzzword and a commonly used phrase in the developer community. However, this new wave of security is much more than just a catchphrase. The concept of intent-based security adds a new level of protection to applications in containerized environments, specifically by understanding what the app is intended to do and looking fo...
Iris Scanning and the Future of Mobile Security
Wednesday, September 14, 2016 by Dr. Salil Prabhakar
The promise of iris scan technology has been shown in sci-fi movies for decades. Various governments use it to secure borders, defense facilities, banks use it to authenticate high value transactions, secure access to safes and vaults. Recent advancements in the evolving mobile biometrics field has brought iris recognition technology to our hands – to our mobi...
Being Ready for a MobileFirst Business Strategy
Sunday, July 31, 2016 by Sravish Sridhar
If your business isn’t talking about its mobile strategy yet, it’s only a matter of time. According to 451 Research, 40 percent of companies will prioritize the mobilization of general business apps over the next two years, compared to just mobilizing field service and sales teams. Companies recognize mobility offers huge business benefits, from driving customer satisfa...
Five Common Mobile App Security Vulnerabilities And How to Fix Them
Saturday, April 30, 2016 by Seth Jaslow
Mobile app security leaves much to be desired. That was the conclusion of a 2016 Hewlett Packard Enterprise (HPE) study which found that a staggering 96 percent of 36,000 mobile apps failed at least one of 10 privacy checks. Three years ago, a similar HPE study found that 97 percent of 2,000 apps reviewed held insecure private information. As mobile app usage conti...
A Developer's Perspective on Mobile Security in the Age of BYOD
Thursday, March 31, 2016 by Joe Schulz
With the cost savings of BYOD continuing to lure organizations to adopt this approach, the number of companies allowing employee-owned devices is still on the rise, as well. In early 2015, Tech Pro Research announced that 74 percent of organizations either already allow or were planning to allow employees to bring their own devices to work. At the time of this writing, ...
New Mobile Security Report Shows Most Apps Have Critical Vulnerabilities
Tuesday, November 10, 2015 by Richard Harris
Checkmarx and AppSec Labs have released a new mobile app security titled “The State of Mobile Application Security 2014-2015”. Among the findings of the report is that the typical app is exposed to an average of 9 different vulnerabilities. The report also indicates in situations where vulnerabilities are built into the code or application logic, the vulnerability of iO...
Mocana Atlas Platform Now Integrates with Apperian Mobile Application Management Solution
Wednesday, April 22, 2015 by Stuart Parkerson
Mocana has announced that it has integrated its Mocana Atlas solution with the Apperian mobile application management (MAM) platform to provide security for managed and unmanaged device on the Apperian platform.Apperian’s MAM platform provides fine-grained security and dynamic policy controls at the individual app level, ensuring safe app deployment. The new integration...
New Flexera Report Highlights Dangers of Unchecked Employee BYOD Mobile Apps
Wednesday, March 25, 2015 by Richard Harris
A new Flexera Software/IDC Survey Report - The BYOD Trojan Horse: Dangerous Mobile App Behaviors & Back-Door Security Risks – indicates that enterprises are not doing nearly enough to understand which mobile app behaviors hitting their networks and data are risky, nor are they testing apps for those risky behaviors to ensure proper enforcement of their BYOD policies...
CA Technologies New API Management, DevOps, Security, and Management Cloud Solutions at CA World
Tuesday, November 11, 2014 by Richard Harris
CA Technologies kicked off its annual CA World conference this week in Las Vegas with the announcement of new security, API management, DevOps, and management Cloud Solutions. The annual event features over 5,000 attendees gathering together to learn about new CA products and other innovations in the new application economy.DevOps SolutionsCA Technologies announced new ...
VMware’s AirWatch Launches AirWatch AppShield for Mobile App Security and Management
Wednesday, September 10, 2014 by Stuart Parkerson
VMware’s AirWatch has introduced the AirWatch AppShield which utilizes the AirWatch SDK and the AirWatch App Wrapping engine to provide users with security and management capabilities. AirWatch also has announced the charter mobile application management platform (MADP) providers that interoperate with AirWatch AppShield.AirWatch provides the ability to containerize app...
New Report Shows Enterprises Are Concerned With Mobile App Security
Thursday, May 8, 2014 by Richard Harris
Good Technology has released its Q1 2014 Good Mobility Index Report which, among its findings, has identified a trend in the significant increase in activations of complex secure enterprise apps, most notably secure browsing.The report surveys more than 5,000 Good Technology customers including the following sectors: Financial Services, Healthcare, Manufacturi...