
November 21, 2016 | Application Development and Testing
By Jason Gillam, IANS Faculty

 Secure Development Practices for Mobile Applications

Best practices around the secure development of mobile applications are still evolving because of the rapid evolution of the mobile platforms themselves. In this Ask-an-Expert written response, IANS Faculty Jason Gillam outlines the key differences between the secure development of mobile and web applications, and details standard accepted practices around encryption and authentication.



October 31, 2016 | Application Development and Testing
By Jason Gillam, IANS Faculty

 Application-Level DoS: Are You Ready?

Application-level DoS attacks can be difficult to detect, challenging to diagnose, and when effectively exploited, they can render your application completely inaccessible. In this report, IANS Faculty Jason Gillam explains how application-level DoS works and offers some key mitigation strategies. 



September 1, 2016 | Software Development Lifecycle (SDLC)
By Jason Gillam, IANS Faculty

 Ensuring a PCI-Compliant SDLC Review Process

Establishing a review process for PCI DSS compliance is something organizations should do in a strategic, ongoing fashion, rather than as a once-per-year activity. In this Ask-an-Expert written response, IANS Faculty Jason Gillam details the Building Security in Maturity Model (BSIMM) and demonstrates how organizations can consult this framework to build a continuous compliance review process within the software development lifecycle.



January 18, 2017 | Directory Services
By Jason Gillam, IANS Faculty

 Selecting an Access Management Solution

Access management within an organization can often be non-standardized, decentralized, mismanaged and unreliable. In this Ask-an-Expert written response, IANS Faculty Jason Gillam describes three potential solutions to this problem of access management and offers recommendations for when organizations should consider leveraging vendor solutions. 



March 9, 2017 | AppDev Frameworks
By Jason Gillam, IANS Faculty

 Deploying Containers Securely

Developers love containers because they are quick, simple to use and allow for easier scaling of hardware resources, but few pay much attention to the security issues they present. With containers in the mix, how can security organizations ensure their developers aren’t continually copying and pasting security issues across the environment? In this report, IANS Faculty Jason Gillam steps you through the worst of the pitfalls to ensure your organization rolls out more secure containerized solutions.



April 7, 2017 | Password Management
By IANS Faculty, IANS Faculty

 Poll: What Are the Best Password Strategies?

Password guidelines seem to change all the time. With new recommendations from NIST and vendors like Microsoft cropping up, how can enterprises determine the best approach? In this report, IANS Faculty Rich Guida, John Galda, Jason Gillam, Kevin Beaver, Marcus Ranum and Stephen McHenry offer their opinions and some rules of thumb for creating strong, enforceable password policies.
