Tutorials

Building security into the SDLC (Software development life cycle)

PCI DSS compliance: Web application firewalls (WAFs)

Web application firewalls (WAFs) are one option for those seeking compliance with requirement 6.6 of the PCI DSS. The benefits, limitations and proper implementation of WAFs are discussed by security experts in this section. Continue Reading
PCI DSS compliance: The basics

PCI DSS requires merchants to employ basic application security techniques in order to be in compliance. Here is an overview of PCI DSS and requirement 6.6. Continue Reading
PCI DSS compliance: Code review

Code review is a broad security concept and those looking at this option for compliance will find plenty of expert information on the types of code review in this section of the guide. Continue Reading
Web application security and the PCI DSS

Software security should be integrated into the software development lifecycle at every phase. While the PCI DSS doesn't account for all of this, here are some tips to get you started on a holistic approach toward security. Continue Reading
Application threats: CSRF, injection attacks and cookie replay

Web application exploits come in a variety of forms. There are a few that stand out: XSS, for example. But what about XSRF, which is only recently garnering the press is deserves? There are comparatively little resources for less famous exploits. ... Continue Reading

Authentication & authorization: Secure ID and user privileges

Authentication and authorization work together to prevent a multitude of application security attacks. While the basic concepts behind these two methods may be simple, the technology is not. There is a vast array of authentication and authorization ... Continue Reading
Five application security threats and how to counter them

New threats emerge every day. In order to be secure, you must be able to identify the major threats and understand how to counter them. Here is a guide to the five most common and insidious threats to applications -– and what you can do about ... Continue Reading
Developing secure enterprise Java applications

Java application security tips, techniques, tools and other resources from SearchSoftwareQuality. Continue Reading
Developing secure .NET applications

There's no denying the importance of incorporating security at the application level. While some issues are similar across platforms, .NET developers face their own challenges. The resources here will help you understand the basics of .NET ... Continue Reading
SAP application security learning guide

If you're like most IT professionals, security is at the forefront of your concerns. Learn best practices for SAP security and applications security in this learning guide from SearchSAP.com and SearchAppSecurity.com. Continue Reading
Top 10 Web application security vulnerabilities

Based on the Open Web Application Security Project's top 10 project, this guide covers the 10 most critical Web application security vulnerabilities and how to protect your applications. Continue Reading

Examples of BPM use cases where iBPM fits in

Does iBPM stand to deliver real value in the workplace? Expert Tom Nolle examines three key use cases that illustrate how iBPM ...

An inside look at the Oracle container management strategy

This Q&A takes an in-depth look at the Oracle container plans, including its work with Docker, Kubernetes and the open source ...

Developing a clearly defined API management strategy

APIs are enjoying a ubiquitous lifestyle and becoming the main entryway to the digital business.

TheServerSide.com

Can a left shift in Java cause DevOps developer burnout?

DevOps burnout is more common than you think. Pay attention to the details in your Java shift left to make sure your dev and ...

Microsoft gains instant Java credibility with jClarity buy

Microsoft has acquired jClarity to help optimize its Azure cloud platform to run Java workloads, a coveted target for the now ...

How to install the JDK on Windows and set up JAVA_HOME

You have options when it comes to JDK installations on Windows and Linux. Here are some helpful tips to ensure a proper install ...

SearchCloudApplications

What Oracle delivered at OOW 2015

Learn how Oracle was pushing its cloud technologies, but OOW 2015 keynote speakers largely talked about cloud strategies.

Five key terms in enterprise cloud applications you need to know

Are you stumped by enterprise cloud applications or related technology? Check out this breakdown of five important terms to help ...

Survey: Developer-programmer pay, job satisfaction below IT average

In TechTarget's 2013 IT Salary and Careers Survey, developer-programmer respondents reported lower pay and less job satisfaction ...

SearchAWS

Implement serverless architecture on AWS without Lambda

Serverless on AWS isn't all about Lambda. In fact, many of the services developers use often -- such as S3, Aurora and others -- ...

AWS Lambda alternatives for flexible cloud workloads

Experts share points of comparison for Lambda vs. the competition, and what other options AWS has for elastic computing without ...

Globe and Mail's AWS migration drives digital engagement

Canadian news outlet The Globe and Mail has broadly adopted AWS cloud services in a bid to increase reader engagement and digital...

SearchBusinessAnalytics

5 augmented analytics examples in the enterprise

Here are the top examples of augmented analytics uses that BI vendors support and enable, including data preparation, NLP-based ...

Phocas BI tool proves its value for manufacturers, wholesalers

With its focus on the manufacturing and wholesale distribution industries, Phocas Software has carved out a niche for itself ...

The Salesforce acquisition of Tableau complements Einstein Analytics

Given the different strengths of Salesforce's Einstein Analytics platform and Tableau, the BI tools could prove complementary now...

SearchHRSoftware

CEO commitment to upskilling employees may boost HR tech

Top CEOs are promising to train their employees and make sure they are ready for an automating world. Whether the promise is real...

Employee engagement technology not a panacea for HR woes

Employee engagement comes in many shapes and forms, leaving employers to scratch their heads at the best way to motivate their ...

Hiring vendor says gender-based AI bias is pervasive

Gender bias in AI algorithms for recruiting and hiring is a big problem, according to the head of Job.com. With a new hire, the ...

SearchHealthIT

Promises for 5G in healthcare are great, but it's still early days

Analysts offer insight into how 5G works, where it might make the most impact in healthcare and why some of what 5G may offer is ...

5G healthcare use cases will help justify investment but are elusive

To invest in the 5G wireless network, healthcare CIOs will need compelling use cases. But since the network won't be ready for ...

5G impact on healthcare a ways off, but CIOs shouldn't sit idle

5G could benefit areas of healthcare like telehealth and remote patient monitoring. That reality is still a few years out, but ...

DevOpsAgenda

How to bust security silos and secure your operation

DevOps means velocity, though, not at security's expense. Rapid7's Jen Andre thinks automation and orchestration strategies can ...

The first step from Agile to DevOps is a pilot project

Agile to DevOps isn't as perilous as Waterfall to Agile, but it will take measurable goals and an efficient pilot project to ...

Best practices for DevOps compliance and reusability

You know you want to scale with a model-driven process. So how do you make it work? Start with these best practices for ...