application security
Low code, high stakes: Addressing SQL injection
Like a bad movie that seems to go on forever, SQL injection (SQLi) attacks have lingered since the late 1990s. Due to various factors, they remain the third most common source …
59% of public sector apps carry long-standing security flaws
Applications developed by public sector organizations have more security debt than those created by the private sector, according to Veracode. Security debt, defined for this …
Security tools fail to translate risks for executives
Organizations are struggling with internal communication barriers, which hinder their ability to address cybersecurity threats, according to Dynatrace. The results indicate …
A closer look at Apiiro’s SHINE partner program
In this Help Net Security video, Adam LaGreca, Founder of 10KMedia, sat down with John Leon, VP of Partnerships at Apiiro, discusses the company’s new technology partner …
The next wave of mobile threats
According to McAfee, apps, whether for communication, productivity, or gaming, are among the biggest threats to mobile security. Technavio expects the global mobile security …
Stopping security breaches by managing AppSec posture
Many security vulnerabilities result from human error, and the majority of these are reflected in the application layer. These errors may occur at any stage in the software …
6 keys to navigating security and app development team tensions
There will always be a natural tension between cybersecurity teams and developers. After all, it’s the developer’s role to “develop.” They want and are …
Drozer: Open-source Android security assessment framework
Drozer is an open-source security testing framework for Android, whose primary purpose is to make the life of mobile application security testers easier. Drozer features The …
Organizations are knowingly releasing vulnerable applications
92% of companies had experienced a breach in the prior year due to vulnerabilities of applications developed in-house, according to Checkmarx. AppSec managers and developers …
How threat actors abuse OAuth apps
OAuth apps have become prominent in several attack groups’ TTPs in recent years. OAuth apps are used for every part of the attack process. In this Help Net Security …
Unlocking sustainable security practices with secure coding education
Despite stringent regulations and calls for ‘security by design’, organizations are still failing to equip teams with the knowledge to secure code, according to Security …
Top 2024 AppSec predictions
In this Help Net Security video, Shahar Man, CEO of Backslash Security, offers his top three AppSec predictions for 2024, uncovering future trends.
Featured news
Resources
Don't miss
- GUI frontends for GnuPG, the free implementation of the OpenPGP standard
- Juniper enterprise routers backdoored via “magic packet” malware
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw
- SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)
- Defense strategies to counter escalating hybrid attacks