Tutorials

Tutorials

Building security into the SDLC (Software development life cycle)

PCI DSS compliance: Web application firewalls (WAFs)

Web application firewalls (WAFs) are one option for those seeking compliance with requirement 6.6 of the PCI DSS. The benefits, limitations and proper implementation of WAFs are discussed by security experts in this section. Continue Reading
PCI DSS compliance: The basics

PCI DSS requires merchants to employ basic application security techniques in order to be in compliance. Here is an overview of PCI DSS and requirement 6.6. Continue Reading
PCI DSS compliance: Code review

Code review is a broad security concept and those looking at this option for compliance will find plenty of expert information on the types of code review in this section of the guide. Continue Reading
Web application security and the PCI DSS

Software security should be integrated into the software development lifecycle at every phase. While the PCI DSS doesn't account for all of this, here are some tips to get you started on a holistic approach toward security. Continue Reading
Application threats: CSRF, injection attacks and cookie replay

Web application exploits come in a variety of forms. There are a few that stand out: XSS, for example. But what about XSRF, which is only recently garnering the press is deserves? There are comparatively little resources for less famous exploits. ... Continue Reading

Authentication & authorization: Secure ID and user privileges

Authentication and authorization work together to prevent a multitude of application security attacks. While the basic concepts behind these two methods may be simple, the technology is not. There is a vast array of authentication and authorization ... Continue Reading
Five application security threats and how to counter them

New threats emerge every day. In order to be secure, you must be able to identify the major threats and understand how to counter them. Here is a guide to the five most common and insidious threats to applications -– and what you can do about ... Continue Reading
Developing secure enterprise Java applications

Java application security tips, techniques, tools and other resources from SearchSoftwareQuality. Continue Reading
Developing secure .NET applications

There's no denying the importance of incorporating security at the application level. While some issues are similar across platforms, .NET developers face their own challenges. The resources here will help you understand the basics of .NET ... Continue Reading
SAP application security learning guide

If you're like most IT professionals, security is at the forefront of your concerns. Learn best practices for SAP security and applications security in this learning guide from SearchSAP.com and SearchAppSecurity.com. Continue Reading
Top 10 Web application security vulnerabilities

Based on the Open Web Application Security Project's top 10 project, this guide covers the 10 most critical Web application security vulnerabilities and how to protect your applications. Continue Reading

-ADS BY GOOGLE

SearchMicroservices

TheServerSide.com

Pivotal, Microsoft team up to deliver Azure Spring Cloud

Azure Spring Cloud, jointly developed by Microsoft and Pivotal, lets Spring developers bring apps to the cloud without concern ...
GitHub tempts enterprises with Semmle, security enhancements

With the Semmle semantic code analysis engine freshly added to its quiver, GitHub gives corporate development teams one way to ...
You need more than web app security to stop API attacks

API and web application vulnerabilities may share some common traits, but it's where they differ that hackers will target.

SearchCloudApplications

SearchAWS

Amplify improvements streamline AWS mobile app development

Once just an open source Java library, AWS Amplify is now a full-fledged AWS mobile app development platform. Learn how it works ...
AWS ups the ante to win SAP cloud ERP workloads

New AWS high-memory instances geared for SAP ERP implementations reflect an ongoing push by hyperscalers for these lucrative ...
A go-to AWS migration checklist for DevOps-ready enterprises

Follow this checklist to prepare for a cloud migration and optimize DevOps practices. The steps include advice on tools and ...

SearchBusinessAnalytics

ThoughtSpot 6 advances AI power of BI platform

New augmented intelligence and machine learning tools, along with a new mobile app, highlight the release of the new update to ...
Promethium tool taps natural language processing for analytics

The software, called Data Navigation System, was designed to enable non-technical users to make complex SQL requests using plain ...
Intelligence as a service is key to nonprofit's urban planning

Cobalt Community Research, a nonprofit organization based in Michigan, uses data collected and packaged by TruFactor for urban ...

SearchHRSoftware

Get smarter about HR data security

HR deals with mountains of sensitive employee data and must do a better job of protecting that information. Here's a look at how ...
Walmart, FedEx make case for VR training

The payback from virtual training may be improved retention and shorter training times. An hour-long training period can be ...
Do you know how to improve employee experience? Test yourself

Think you know what it takes to create a positive employee experience for your workers? Take this EX quiz to test your savvy and ...

SearchHealthIT

How to ensure mobile device security in healthcare

It's especially important to secure data in healthcare environments, because patients' information is on the line. Things get ...
Ransomware attacks on hospitals will worsen if security doesn't improve

Ransomware attacks are insidious. Experts urged healthcare CIOs to invest in proactive security measures to combat the growing ...
Meditech EHR moves to public cloud, points to industry trend

When EHR vendor Meditech partnered with Google Cloud Platform, it joined Cerner in a push toward the public cloud. The trend ...

DevOpsAgenda

Close