Tuesday, May 30, 2017

Is your approach to application security based in reality

Is your approach to application security based in reality

I know I say this a lot here - Ive been so busy writing that Ive been remiss in posting my actual content. So...Ive got some content on web and mobile application security and penetration testing this time around.

You see, there are so many researchers, theories, and academic approaches to web and mobile security that its simply overwhelming. Much of it doesnt apply to what businesses really need to be addressing anyway. Taking the 80/20 approach, what do you really need to focus on thats going to provide the highest payoffs?

Well, in the spirit of my book Hacking For Dummies (be sure to check out the new 4th edition), here are some tips Ive written for my friends at TechTarget and Acunetix on some important web and mobile application security issues you need to be tuned in to beyond all the noise thats out there:

Don’t Let Problems Stop You From Carrying Out Web Application Testing  (before Too Scared to Scan was cool ;-)

Mobile app software: Avoid the perpetual cycle of insecurity

Hybrid security: Beyond pen testing and static analysis

Mac Malware Underscores Why You Can’t Ignore Web Security Threats

Do You Scan with Network Security Controls Enabled or Disabled?

Take Care in Handling the Results of Your Web Application Testing

Much more to come on web and mobile security testing...Its what I love doing and Ive learned a tremendous amount while doing it over the past decade.

In the meantime, check out my website for links to all of my other information security-related content.


Available link for download