Application Security encompasses measures taken to prevent exceptions in the security policy of an application or the underlying system (vulnerabilities) through flaws in the design, development, or deployment of the application.
APTs (advanced persistent threats) have changed the world of enterprise security and how networks and organizations are attacked. This book provides an in-depth examination of real-world
attacks and APTs, the shortcomings of legacy security solutions,
the capabilities of next-generation firewalls, and security best
White Paper Published By: Rapid7
Published Date: Mar 19, 2014
In this guide, penetration testers will learn how to evade anti-virus detection on target machines for your Metasploit pen tests. This guide will be most useful to readers who already have some penetration testing experience and are familiar with Metasploit Pro.
White Paper Published By: OutSystems
Published Date: Mar 18, 2014
This paper explores why PaaS has suddenly become relevant and irresistible to many organizations. It dives into the opportunities and considerations associated with using PaaS from an application development and deployment perspective, as well as the ways PaaS can help enhance developer productivity.
The efficacy of code signing as an authentication mechanism for software depends on the secure storage of code signing private keys used by software publishers. Companies that are diligent and willing to invest in the appropriate security measures can make the compromise of their private keys highly unlikely. This white paper describes recent security breaches and why they may have happened, along with best practices, especially for the Windows platform, which can help to safeguard the private keys associated with code signing certificates.
"For years, developers have known that one of the best ways to reassure users is by signing code using a digital signature accessed via a private key issued by a respected certificate authority. But signed code is not invulnerable. Due to lax key security and vetting processes, malware has managed to infiltrate applications with signed code.
Extended Validation (EV) Code Signing Certificates help to halt malware infiltration by requiring a rigorous vetting process and helping ensure that private key security cannot be compromised. EV certificates require a hard token and associated PIN in order to sign code, introducing a more secure physical factor of authentication to the signing process. The EV Code Signing process provides browsers, operating systems, and security software an additional source of confidence in applications signed with an EV certificate.
Read the white paper, Protect Your Applications—and Reputation—with Symantec EV Code Signing, to learn:
• Key background on the latest malware threats
• How you can provide users with reassurance that your application is safe to download
• Why EV Code Signing Certificates represent the next step in advanced website security and their effectiveness
• How you can help provide a frictionless experience when users attempt to download your application