Tutorials

Building security into the SDLC (Software development life cycle)

PCI DSS compliance: The basics

PCI DSS requires merchants to employ basic application security techniques in order to be in compliance. Here is an overview of PCI DSS and requirement 6.6. Continue Reading
PCI DSS compliance: Web application firewalls (WAFs)

Web application firewalls (WAFs) are one option for those seeking compliance with requirement 6.6 of the PCI DSS. The benefits, limitations and proper implementation of WAFs are discussed by security experts in this section. Continue Reading
Web application security and the PCI DSS

Software security should be integrated into the software development lifecycle at every phase. While the PCI DSS doesn't account for all of this, here are some tips to get you started on a holistic approach toward security. Continue Reading
PCI DSS compliance: Code review

Code review is a broad security concept and those looking at this option for compliance will find plenty of expert information on the types of code review in this section of the guide. Continue Reading
Application threats: CSRF, injection attacks and cookie replay

Web application exploits come in a variety of forms. There are a few that stand out: XSS, for example. But what about XSRF, which is only recently garnering the press is deserves? There are comparatively little resources for less famous exploits. ... Continue Reading

Authentication & authorization: Secure ID and user privileges

Authentication and authorization work together to prevent a multitude of application security attacks. While the basic concepts behind these two methods may be simple, the technology is not. There is a vast array of authentication and authorization ... Continue Reading
Five application security threats and how to counter them

New threats emerge every day. In order to be secure, you must be able to identify the major threats and understand how to counter them. Here is a guide to the five most common and insidious threats to applications -– and what you can do about ... Continue Reading
Developing secure enterprise Java applications

Java application security tips, techniques, tools and other resources from SearchSoftwareQuality. Continue Reading
Developing secure .NET applications

There's no denying the importance of incorporating security at the application level. While some issues are similar across platforms, .NET developers face their own challenges. The resources here will help you understand the basics of .NET ... Continue Reading
SAP application security learning guide

If you're like most IT professionals, security is at the forefront of your concerns. Learn best practices for SAP security and applications security in this learning guide from SearchSAP.com and SearchAppSecurity.com. Continue Reading
Top 10 Web application security vulnerabilities

Based on the Open Web Application Security Project's top 10 project, this guide covers the 10 most critical Web application security vulnerabilities and how to protect your applications. Continue Reading

IT pros look to iPaaS tools for LOB integration demands

App integration and automation are tricky for IT, particularly when business users launch their own projects. Workato is among ...

How to use microservices to manage serverless APIs

Monolithic applications may be a little bit heavy for development of serverless APIs, but microservices can make all the ...

Top enterprise application trends require revamped thinking

Gartner experts revealed the top 10 trends in application architecture they expect to unfold across enterprises within three to ...

TheServerSide.com

What is the preferred developer operating system?

Does the developer operating system play a part in the SDLC equation anymore? Well, it depends on what you're programming. Mobile...

Avoid boilerplate code with this typable Spring beans tutorial

Java is always criticized for being bloated. But there are ways to minimize all the fill-in code. This Spring beans tutorial ...

Why there's not really a best first programming language to learn

Some consider Java to be the best first programming language for developers to learn. But does it really matter? Most languages ...

SearchCloudApplications

Microsoft Azure Dev Spaces, Google Jib target Kubernetes woes

Microsoft Azure and Google Cloud both added cloud application development tools that improve and simplify the process of creating...

With progressive web applications, developers blur the lines

With progressive web applications, single-page apps, motion UI and other innovations, app development meets the moment, giving ...

Web app development morphs as apps and websites merge

The lines between web and mobile app and websites are blurring, so development silos are out, and boning up on building ...

SearchAWS

DynamoDB pricing option makes it a go-to for serverless apps

DynamoDB had its drawbacks, but the addition of on-demand billing and ACID transactions makes it a solid database option for ...

AWS enterprise strategy targets industry verticals

AWS could soon add services specialized for industries such as healthcare and finance. It might be lucrative, but not everyone ...

COBOL applications can go serverless on AWS Lambda

More business-critical applications can now move to a serverless architecture in the cloud with the arrival of COBOL support in ...

SearchBusinessAnalytics

Tips for creating curated data sets for self-service BI users

Data curation initiatives can help streamline BI processes by reducing the amount of time users spend locating and preparing data...

What the Tableau Hyper engine does and how it was developed

Tableau's new Hyper data engine is designed to boost processing speeds in its BI and data visualization software. Making it work ...

Deep learning in big data analytics with Sisense Hunch

Sisense Hunch, a new Sisense BI tool, enables big data analytics for IoT devices by using deep learning to automatically extract ...

SearchHRSoftware

6 HR vendors make Glassdoor's Best Places to Work

HR tech vendors make tools designed to improve a company's employee experience. So, it makes sense that a handful should appear ...

Ideas to curb bad candidate experience, including a free tool

Your hiring efforts should monitor job applicant resentment, which happens when candidates feel spurned by a company's ...

New employee engagement tools replacing annual surveys

Say goodbye to annual employee surveys. New approaches and better technology are coming to places like Mission Health System and ...

SearchHealthIT

Hospital taps Parachute Health to cut cord on fax machine

New York City's Hospital for Special Surgery deployed software from Parachute Health Inc. to bring the fax machine directly to ...

Medical device risk management hinges on strong processes

Mayo Clinic cybersecurity expert Kevin McDonald has some advice on how health IT pros can reduce the security risks posed by ...

Use of facial recognition in healthcare improves hospital security

Healthcare organizations can use facial recognition to analyze patients' emotions and track them within a facility. The ...

DevOpsAgenda

How to bust security silos and secure your operation

DevOps means velocity, though, not at security's expense. Rapid7's Jen Andre thinks automation and orchestration strategies can ...

The first step from Agile to DevOps is a pilot project

Agile to DevOps isn't as perilous as Waterfall to Agile, but it will take measurable goals and an efficient pilot project to ...

Best practices for DevOps compliance and reusability

You know you want to scale with a model-driven process. So how do you make it work? Start with these best practices for ...