• September 20, 2006 20 Sep'06

    application firewall

    An application firewall is an enhanced firewall that limits access by applications to the operating system (OS) of a computer... (Continued)  Continue Reading

  • September 20, 2006 20 Sep'06

    Burton: Web application firewall market maturing

    Web application firewalls have improved performance and functionality, but it still takes time, knowledge and skills to implement them, according to a recent Burton Group report. They are not "fire and forget" solutions.  Continue Reading

  • September 19, 2006 19 Sep'06

    Cross-site tracing explained

    Cross-site tracing (XST) is a reflected version of cross-site scripting (XSS). Expert Jeff Williams describes what makes this Web application security exploit unique and offers strategies for prevention.  Continue Reading

  • September 18, 2006 18 Sep'06

    Secure development certifications required

    When it comes to secure development practices, the industry experts talk about "developer-focused security training," but people don't seem to enforce it or make it a prerequisite for employment. Unless they do, coding practices won't evolve to ...  Continue Reading

  • September 15, 2006 15 Sep'06

    Making sense of Web services security standards

    Several industry-standard initiatives on Web services security standards are in progress. Expert Ramesh Nagappan reviews some of the most prominent ones and explains their value.  Continue Reading

  • September 14, 2006 14 Sep'06

    Learning Guide: Application security testing techniques

    Testing applications for security purposes is such a basic, important safety measure that most security professionals wouldn't think twice about it. Explore your options for pen testing, vulnerability analysis, fuzzing and more in this application ...  Continue Reading

  • September 14, 2006 14 Sep'06

    Web services security a challenging endeavor

    Web services have introduced new security challenges, some of which remain unaddressed by security mechanisms and technologies. Expert Ramesh Nagappan reviews the known threats to Web services and countermeasures to protect them.  Continue Reading

  • September 13, 2006 13 Sep'06

    SAML to remain open

    Ed Tittel discusses how Sun's decision not to enforce its patent on SAML helps further the whole open source environment growing up around XML security markup languages.  Continue Reading

  • September 13, 2006 13 Sep'06

    Product roundup: New tools to ensure application security

    Over the past month, several application security products have been announced. Here's a roundup of some of those new tools, including Parasoft's Jtest 8.0, SIFT's Web Method Search tool and WiKID 2.1.1.  Continue Reading

  • September 08, 2006 08 Sep'06

    Challenges of two-factor authentication

    Two-factor authentication offers many security benefits, but can be expensive and ineffective if not implemented carefully. In order to secure your apps, choose your authentication methods and tools wisely.  Continue Reading