WS-Security (Web Services Security) is a communications protocol providing a means for applying security to Web Services. Integrity and confidentiality can also be enforced on Web Services through the use of Transport Layer Security (TLS), for example by sending messages over https.
This year’s ISTR once again covers the wide-ranging threat landscape, with data collected and analyzed by Symantec’s security experts. In this summary, we call out seven areas that
deserve special attention.
Incidents of web application security breaches that result in data theft are growing in frequency and severity, making it critical for organizations to take immediate steps to examine the security measures they have in place, assess vulnerabilities and act to protect the business.
This white paper outlines the application threat landscape; explains why next generation firewalls are ill-equipped to stop web attacks; and provides six essential requirements for protecting web applications.
Regardless of platform, the Web has become a hub of information and productivity. The browser has evolved to become one of the most-used applications, which has drawn the attention of cyber criminals – making it a potential Achilles heel for security.
Performance testing and benchmarking of cloud computing platforms is a complex task, compounded by the differences between providers and the use cases of cloud computing users. IaaS services are utilized by a large variety of industries and, performance metrics cannot be understood by simply representing cloud performance with a single value. When selecting a cloud computing provider, IT professionals consider many factors: compatibility, performance, cost, security and more. Performance is a key factor that drives many others including cost. In many cases, 3 primary bottlenecks affect server performance: central processing unit (CPU) performance, disk performance, and internal network performance.
Symantec vulnerability assessments help to reduce the cost and complexity of vulnerability management with automated scans, actionable reports, and a cloud-based architecture that requires no software installation or maintenance.
The solutions to problems of computing security are varied and must be explored individually, but one technology shows up often: TLS or Transport Layer Security, often known by the name of the predecessor technology, SSL or Secure Sockets Layer.
This paper describes the financial implications of Web attacks, DDoS attacks, and other Web-based threats. It shows how the SecureSphere Web Application Firewall provides a Return on Security Investment of 2090% by preventing data breaches and Website downtime.
Consumer-focused technologies that are deployed by employees can provide tremendous value to any business and can provide IT organizations with more functionality than they can afford or are willing to deploy. However, consumer technologies must be appropriately managed in order to satisfy corporate security, compliance and other requirements. This means integrating consumer technologies into the existing IT fabric in order to achieve the greatest possible synergies between consumer-focused and IT-deployed technologies.
YouSendIt is a Web-based secure digital file delivery company, which lets users securely send, receive and track files on demand. It is an alternative to sending large e-mail attachments, using FTP, and sending CDs or DVDs or tape or USB flash drive via Sneakernet. The sender can enter the recipients' e-mail addresses, attach the file and send it; the recipients receive an e-mail notification with a URL that lets them download the file.
This white paper explains the epidemic threat of hackers injecting hidden malware into websites and the negative effect on the brand and traffic to the victim website when blacklisted by Google as a "harmful" website.
This white paper discusses a technology that proactively takes security a step further by enabling the safe use of Web 2.0, and therefore, maintaining productivity while mitigating the malware threat altogether.
This report is the result of the largest public-private sector research project focused on open source software integrity, originally initiated between Coverity and the U.S. Department of Homeland Security in 2006. The results from the 2010 edition of the Coverity Scan Open Source Integrity Report detail the findings of analyzing more than 61 million lines of open source code from 291 popular and widely-used open source projects such as Android, Linux, Apache, Samba and PHP, among others.
From document imaging to email and fax integration, OCR data capture, workflow, and content publishing and distribution, Datahaven provides the means to enable a data-centric application to natively capture, process, store, and manage the entire spectrum of content and related metadata from within its already-familiar user interface.
voke Names Coverity as a Transformational Company in the Testing Market Coverity has been rated as a Transformational company in the voke, inc. Market Mover Array Report for Testing Platforms. Coverity's rating is recognition of the impact that Coverity's software integrity strategy is making in shaping the future of the testing market.
Enterprises understand the importance of securing web applications to protect critical corporate and customer data. What many don't understand, is how to implement a robust process for integrating security and risk management throughout the web application.