The total number of virus attacks are down, but malicious codemeisters are getting faster, more sophisticated, and they're beginning to target e-commerce concerns and small businesses. That's the conclusion of a report published this week by security application provider Symantec.
Develop any software that processes JPEG files lately? Microsoft's latest
security bulletin may spell bad news for you.
Some pundits view IT security today as immature, insecure and out of control. Every organization should develop internal expertise in this area.
Qwik-Fix tries to prevent malware from attacking your computer by hardening Windows. In some cases, this fixes vulnerabilities months before Microsoft releases patches.
Think it's tough to exploit a buffer overflow in Windows? Download this tool and you might change your mind.
The Liberty Alliance Project, the non-profit trade group organized to develop open standards and tools for federated network identity, has added some more industry heavyweights to its ranks. Intel and Oracle were among seven organizations that joined as sponsor members recently.
RSA, Bsafe SWS-J, may spell relief for Java coders working on Web services applications. The new product provides security mechanisms based on the Oasis WS-Security standard that developers can simply add to their application.
From confidentiality, integrity, and availability to authentication, authorization, and audit, find out how you can employ best practices to make Web services secure.
The new version of Groove is more tightly integrated with Windows than ever before. It deserves a spot in any far-flung enterprise or extranet collaboration picture.
Anyone who needed another example of just how radically network security issues have shifted over the past few years must look no further than last week's recommendation from IT industry analysts at Gartner that corporations consider banning Apple Computer's wildly popular portable music player, the iPod, from the workplace.
Web services security is being built into everything from major Web app development platforms to integration and other software.
ADT's Programmers Report occasionally looks at security
issues from the point of view of source code analysis and better coding
practices. We recently met with Chris Wysopal, vice president of R&D for
@stake Inc., and thought he had a different take on this issue. What follows are
excerpts from an e-mail interview.
A recent security vulnerability suggests that maybe the once a month Microsoft
patch cycle wasn't such a good idea after all.
Fortify Software offers a high-end static analysis tool set dedicated to checking security issues.
JAAS is based on the Pluggable Authentication Modules model and provides authentication and authorization services. Check out its many security benefits for Java applications.
Microsoft is urging developers working on or maintaining applications running on Windows XP to get up to speed on Service Pack 2 (SP2), currently a Release Candidate 1 (RC1).
The Web Services Interoperability (WS-I) Organization has released the working-group draft of its Basic Security Profile for public comment.
There are lots of ways to think about good software. Is the balance seriously
off in recent years?
Don't leave application security for tomorrow.
Malicious exploitations of Windows vulnerabilities have become such a common occurrence that Gartner is advising its Windows-using customers to plan for them in their budgets.