Category

Security Testing

Both penetration testing and vulnerability testing are considered an integral part of software security. They are beneficial in preventing cybercrime. Penetration testing plays an integral role in exploiting different weaknesses within the environment. With the automation of vulnerability scanning, penetration testing needs different expertise levels. Vulnerability scanning is essential to maintain the prerequisite information security. As you go through this write-up, you can seek information about the differences between penetration testing and…

It’s been just over one year since the European Union put into effect the General Data Protection Regulation (GDPR). Set up to establish rules for digital privacy and give consumers more control over their data, GDPR has been controversial because of the supposed burden it places on organizations in order to comply with the regulations. A new study conducted by security testing firm ImmuniWeb found that while companies have had ample time to get their sites and services up to date, many are…

In one of the episodes of Sherlock Holmes, Jim Moriarty orchestrated a simultaneous heist on the Tower of London, Bank of England, and Pentonville Prison with a single tap on his phone. Sherlock, in turn, tried to find the ‘master code’ that could open any locker anywhere in the whole wide world – a unique combination of ones and zeroes that bears the power to penetrate layers and layers of security. Although this was a fictional scenario, it did raise a question, and a very important one at that – Is our security system this…

How to Test Application Security – Web and Desktop Application Security Testing Techniques. The Need For Security Testing? The software industry has achieved solid recognition in this age. In the recent decade, however, the cyber-world seems to be an even more dominating and driving force, which is shaping up the new forms of almost every business. Web-based ERP systems used today are the best evidence that IT has revolutionized our beloved global village. These days,…

Security testing is becoming essential for every business. Undetected bugs and security vulnerabilities can lead to expensive consequences or even losses that businesses can’t recover from. Security issues are usually considered when developing web and SaaS solutions. However, security matters for each and every product, no matter what goals it serves and what technologies it uses. At Apriorit, we always include security testing in our quality assurance strategies. In this article, we focus on some…

Identity in a remote world has taken on added importance for cybersecurity leaders speaking in a webinar on the state of security and the evolving role of CISOs at VMworld 2020. “In the CISO community we’ve talked about the notion of ‘Your identity is your perimeter.’ This put an exclamation point on that,” said Jason Lee, CISO of Zoom, referring to the COVID-19 pandemic. “When I think of the scenario of how do I know…

One of the biggest risks with software security is the opaque nature of verification tools and processes, and the potential for false negatives not covered by a particular verification technique (e.g. automated dynamic testing). Despite many best practices around secure Software Development Lifecycle (SDLC) most organizations tend to primarily rely on testing to build secure software. One of the most significant byproducts from current methods of testing is that organizations rarely understand what is being tested – and more…

The Online Trust Alliance (OTA) evaluated 13 “free” e-file tax sites recommended by the IRS against both their own rigorous standards and the IRS’s less stringent security measures. OTA categorized the sites into two groups: Honor Roll or Failed. Six sites, or 46% of those audited, failed OTA’s cybersecurity tests. One of the sites did not even meet the IRS’s own requirements. OTA audited the 13 e-file tax sites shown above between February 2 and February 18, 2016. The sites were…

As Maverick and Goose declared in the movie Top Gun, “I feel the need…the need for speed!” Speed is a defining characteristic of IT and app development these days. It used to just be desirable—now it’s a strategic imperative. The DevOps revolution has accelerated the software development lifecycle. Rapid deployment and frequent updates are the new norm. It’s important, however, not to let security fall victim to the quest for speed. That’s where companies like…