Mitigating API attacks in 2022
Wednesday, January 5, 2022 by Richard Harris
Nathanael Coffing, co-founder and CSO of Cloudentity, is also a board member. Nathanael has over 20 years of management and architecture experience across identity, security, microservices, and IT domains. Prior to founding Cloudentity, he founded OrchIS.io and helped build numerous technology startups leveraging his experience at Sun, Oracle, Imperva, Washington Mutual...
HAProxy load balancer 20th anniversary celebration
Wednesday, November 17, 2021 by Christian Hargrave
HAProxy Technologies, the provider of a software load balancer, has announced the 20th anniversary of the HAProxy load balancer, a major milestone for one of the industry's most successful open-source products. This week, the HAProxy community will be celebrating this milestone at the virtual HAProxyConf by presenting individual experiences in deploying the HAP...
What's new in NGINX Plus R18
Tuesday, April 16, 2019 by Richard Harris
NGINX, Inc. has announced the general availability of NGINX Plus R18. NGINX Plus is an all-in-one load balancer, content cache, web server, proxy, API gateway, and Kubernetes Ingress Controller. This versatility enables you to simplify your architecture for delivering both traditional applications and new ones based on microservices.
NGINX’s flexibility, ...
5 app development tips to help you avoid disaster
Wednesday, November 28, 2018 by Joe Hanson
Mobile app development: it’s easy and straightforward in the lab, but once your app is deployed to the wild, all bets are off. You need to deliver seamless, fast experiences for users on low-powered devices, in any number of network environments.
When it comes to building mobile apps, uncontrollable user behavior can lead you down the path to death by 1000 pape...
How the reddit security breach reminds us to be careful
Monday, August 6, 2018 by Christian Hargrave
reddit recently disclosed in their announcements feed of a security breach into their system which the hacker "managed to access some user data, including some current email addresses and a 2007 database backup containing old salted and hashed passwords." Include in the disclosed information was some reddit source code and some log files.
They went on to sa...
Detect eavesdropping in your mobile app with TrustKit
Wednesday, July 11, 2018 by Christian Hargrave
Data Theorem, Inc. announced the availability of TrustKit Analytics, a new service for the TrustKit community that delivers advanced security insights. In addition, the company announced that since TrustKit’s release in 2015, it has identified more than 100 million eavesdropping attempts on iOS and Android applications, where apps in active mode have blocked 100 p...
FTP vulnerabilities and what you can do
Thursday, May 24, 2018 by Richard Harris
File Transfer Protocol or (FTP) for short is old, and when I say old - I mean 1971 old when it was initially published as RFC 114. It defines a way clients can transfer files to a server. Typically gated with a password and either sent clear text, or over SSL/TLS/SFTP, it’s a rock solid way to get files sent to their destination and is widely supported. But in today’s w...
Data Science Experience from IBM gets an update
Tuesday, October 3, 2017 by Richard Harris
In a blog post on Medium in the section for IBM Analytics, by their own Vikram Murali, the company announced that IBM was going to update its Data Science Experience (also called DSX). DSX is a tool for amateur and professional data scientists alike who are looking to use an insightful tool for the data science trade. "With this release, we’ve focused on expanding suppo...
Tips for securing container deployments
Friday, September 1, 2017 by Richard Harris
Container deployments are still susceptible to the regular threats that other types of deployments are - including DDoS and cross-site scripting attacks. In fact, hackers often take advantage of compromised containers to scan sensitive data, download malware, or privilegeunauthorized access to any of your containers, hosts or data centers.Fei Huang is the CEO of NeuVect...
Why runtime application selfprotection is critical for app security
Tuesday, June 20, 2017 by David Strom
Today most of us go about implementing security from the outside in. The common practice is to start by defining a perimeter and trying to defend it with various security tools. Even though perimeters have been porous for more than a decade, we still can’t give up this notion that if we build a better wall we can keep our enterprises safer.Certainly that is where most e...
Many fintech DevOps are not enforcing security
Tuesday, June 6, 2017 by Christian Hargrave
Venafi has announced the results of a study on the cryptographic security practices of DevOps teams in the financial services industry. Cryptographic security risks are amplified in DevOps settings, where compromises in development or test environments can spread to production systems and applications. This is a particular issue for financial services organizations, whi...
Andrew LeCates from FileMaker discusses version 16
Tuesday, May 16, 2017 by Richard Harris
FileMaker, an Apple subsidiary that helps developers make custom apps, has recently released their platform's 16th iteration. The updates have enhanced previous versions with improvements that both professional and first-time developers can use to create, share, and run custom apps.Some of their new updates include a new Layout Objects window, scalability up to 500 simu...
A realtime, open source commerce platform launched by Reaction Commerce
Tuesday, March 21, 2017 by Richard Harris
Reaction Commerce has announced the general availability (GA) release of its breakthrough, real-time and completely open source commerce platform, designed to build, run and scale modern digital stores. Offering the simplicity that businesses expect, along with the reliability, customization and scalability that larger retailers and brands require, Reaction Commerce ena...
ImmuniWeb Mobile launches to offer better mobile security testing
Wednesday, March 15, 2017 by Richard Harris
High-Tech Bridge announces the launch of ImmuniWeb Mobile as part of ImmuniWeb Application Security Testing Platform. The new offering will provide comprehensive assessment of iOS and Android mobile applications, mobile infrastructure backend and data channel encryption. All ImmuniWeb Mobile packages are provided with a zero false-positives SLA. The mobile application s...
Optimizing your app server performance really matters
Friday, February 3, 2017 by Richard Harris
As people are becoming more and more likely to turn to software as a means for entertainment, computer utility solutions, and everything in between, the load on a healthy business's servers can quickly max out. This can cause some major issues, i.e. leaving your customers suffering from horrible load times or even completely dead in the water. That's why a intuitiv...
HP Enterprise opens up about StormRunner Load and DevOps in the cloud
Tuesday, January 3, 2017 by Richard Harris
HP Enterprise recently announced the availability of HPE StormRunner Load on the AWS Marketplace. StormRunner Load is one of the first solutions to support SaaS Subscriptions on AWS Marketplace, and will help developers strengthen the quality and delivery of applications via a simple, intuitive and highly scalable platform.
In-short, it's a a cl...
Cambium Networks jailbreaks first wireless broadband network
Wednesday, December 7, 2016 by Christian Hargrave
Cambium Networks has announced ePMP Elevate, a software solution allowing outdoor wireless broadband networks to gain the signature capabilities of Cambium Networks’ ePMP platform, including frequency reuse enabled by GPS Synchronization and Smart Beamforming, even on non-Cambium Networks 802.11n-based hardware. As it becomes increasingly important for wireless ne...
Realtime streaming and better security for DevOps with new MaxScale 2.0
Tuesday, October 4, 2016 by Richard Harris
MariaDB Corporation has announced the general availability of MaxScale 2.0, which adds new data streaming integration with Kafka. MaxScale is a next-generation database proxy that manages administrative functions like security, scalability, data streaming and high availability, enabling the database to focus on core functionality.At its core, MaxScale has a multi-thread...
You can now build and run apps in FileMaker Cloud
Monday, October 3, 2016 by Richard Harris
FileMaker, Inc. has released its cloud-based platform for managing and running custom apps, FileMaker Cloud. The offering provides the simplicity, performance and reliability of the FileMaker Platform without having to spend time and resources deploying and maintaining a server.FileMaker enables businesses, both small and large, to quickly and easily deploy custom mobil...
NGINX Plus Release 10 Lands
Monday, August 29, 2016 by Richard Harris
NGINX Plus R10 is NGINX’s most significant release to date. NGINX Plus extends the open source NGINX software with advanced functionality and award‑winning support, providing customers with a complete application delivery solution. This latest release is the culmination of work the team has been putting in over the past year based on feedback from some of the ...
Citrix Introduces Free Developer Version of NetScaler CPX
Sunday, August 28, 2016 by Richard Harris
Citrix has announced NetScaler CPX Express, a free developer version of NetScaler CPX, which is a NetScaler in a container form factor that delivers a battle-tested load balancer for developers to create microservices applications.Digital business transformation is driving line of business to adopt rapid application development and deployment methodologies, such as DevO...
Wireless Networks, SSL, Content Delivery Networks: What You Need to Know
Thursday, August 18, 2016 by Pete Mastin
Everything and everyone is going mobile. We all hear it every day. We see people wondering around parks looking for Pokémon. Increasingly, we see people using mobile devices to replace desktops and laptops professionally. How are architectures for application performance evolving to keep up with the shift to mobile? Let’s look at two trends that are conspiring...
Mobile App Greatness: It Matters
Wednesday, July 27, 2016 by Joe Schulz
Mobile user expectations are an interesting thing. We all hear that they are through the roof, and that users expect app behaviors and responses to occur in near-nanoseconds. What most of us don’t hear is that the features and functions that matter to users do not necessarily align with what developers are giving them - or what developers think they want.As a result, ev...
Sovrn Offers Enhanced SSLCompliant Advertising Functionality
Sunday, May 22, 2016 by Stuart Parkerson
Sovrn has announced that its platform new offers SSL-compliant advertising functionality to give publishers greater security for their audiences and access to SSL-compliant demand sources.Sovrn offers website monetization tools that collect and report on reader intent, behavior, demographics, and other insights. The new Sovrn ad tags are protocol-agnostic, meaning they ...
Perfect Offers Swift Web Server and Toolkit for Developers
Tuesday, May 17, 2016 by Stuart Parkerson
Perfect is a web server and toolkit for developers using the Swift programming language to build applications and other REST services. The platform lets developers build using only Swift to program both the client-facing and server-side of their projects.The platform is free-to-use and available under the permissible Apache License v2.0. It provides developers with a fr...
How Webscale's Application Delivery Platform Supports Rapid Deployment
Sunday, May 1, 2016 by Richard Harris
We recently visited with Andrew Humber, Head of Marketing at Webscale, to learn about recent updates to the company’s application delivery platform. ADM: Describe Webscale’s technology.Humber: Webscale gives e-commerce and enterprise customers complete control over their web applications, delivering infinite scalability, high performance, security and monitoring in...
Five Common Mobile App Security Vulnerabilities And How to Fix Them
Saturday, April 30, 2016 by Seth Jaslow
Mobile app security leaves much to be desired. That was the conclusion of a 2016 Hewlett Packard Enterprise (HPE) study which found that a staggering 96 percent of 36,000 mobile apps failed at least one of 10 privacy checks. Three years ago, a similar HPE study found that 97 percent of 2,000 apps reviewed held insecure private information. As mobile app usage conti...
Secure Mobile Access for BYOD
Friday, March 4, 2016 by Paul Andersen
If you are an IT manager responsible for defining your organization’s approach to BYOD, there are hundreds, if not thousands, of articles and guides available on the topic. Unfortunately, most BYOD articles overlook a technology that has been the workhorse for secure remote access for more than a decade: SSL VPN.Originally designed for secure remote PC and laptop access...
Array Networks Release Offers Elliptical Curve Cryptography for ADC Physical and Virtual Environments
Friday, February 26, 2016 by Richard Harris
Array Networks has released APV version 8.6, a new software release for Array’s APV Series Application Delivery Controllers (ADCs). The release offers newly added support for elliptical curve cryptography (ECC) - the next generation of public-key cryptography - APV version 8.6 provides improved security while requiring less computational power, resulting in faster proce...
OAuth vs SAML for Developers Needing to Implement Single Sign On (SSO)
Monday, February 22, 2016 by Richard Harris
Inversoft CEO Brian Pontarelli reached out to us to provide his thoughts on OAuth vs SAML as a single sign on (SS0) option for developers needing to implement an SSO solution. Inversoft’s Passport platform leverages OAuth to provide a user management system for registration, login and single sign-on.ADM: Why do you feel OAuth surpasses SAML?Pontarelli: The main advantag...
Silicon Labs Gecko MCU Platforms Focusing on IoT Security and Energy
Tuesday, January 5, 2016 by Richard Harris
Silicon Labs has introduced two new EFM32 Gecko microcontroller (MCU) platforms that focus on security and energy management for IoT-connected devices. The new Jade Gecko and Pearl Gecko MCUs combine a hardware cryptography engine, low-energy modes, an on-chip dc-dc converter and scalable memory options. The EFM32 Jade and Pearl Gecko MCUs microcontrollers target e...
Catching Mobile Encryption Flaws
Tuesday, December 15, 2015 by Craig Young
More than 80-percent of mobile devices contain encryption flaws and applications written in PHP, ColdFusion and Classic ASP are most likely to have serious flaws according to a report by Veracode. These flaws in mobile apps present a grave risk for those who use them on untrusted wireless networks. The Source of the Encryption FlawsI believe that a common source of...
Confluent's Platform Receives Updated Apache Kafka 0.9 Core
Friday, December 11, 2015 by Richard Harris
Confluent has released an update to its open source Confluent Platform 2.0 which is based on an updated Apache Kafka 0.9 core. The release offers new functionality to enable secure multi-tenant operations, simplify development and maintenance of applications that produce or consume data in Kafka, and provide high-throughput, scalable data integration with a wide array o...
Inversoft CEO Brian Pontarelli Discusses New Passport SSO User Management Platform
Friday, December 11, 2015 by Richard Harris
We recently visited with Inversoft CEO Brian Pontarelli to talk about his company’s new Passport single sign on (SSO) user management solution that goes beyond standard single sign-on to support messaging in the user’s localized language, built-in analytics, and the ability to discipline/reward users (e.g. mute, ban, suspend, reward) based on activity.Brian is the found...
TempoIQ Adds Updates to Its IoT PaaS NoCode Platform
Tuesday, November 10, 2015 by Richard Harris
TempoIQ has launched of the 4th generation of its PaaS-based no-code application platform which provides the ability to create IoT dashboards, mobile applications, and websites without writing code. The latest release provides new functionality into the ability for companies to create custom applications, real-time dashboards and design data visualizations with time-tra...
