We use cookies to deliver you the best experience on our website. By continuing to use our website, you consent to our cookie usage and revised Privacy Statement.

Filter By:

Type

Topic

Recent Podcasts

Blog

\ Blog\ AppDev 



August 14, 2017 | AppDev Frameworks
By Adam Shostack, IANS Faculty

 Shostack: Learning From npm's Rough Few Months

The node package manager (npm) is having a bad few months. Organizations need to look at their controls for identification, protection and detection around package management, and if they make a package manager, threat model the heck out of it. 

Read More »


January 9, 2017 | Application Development and Testing
By Dave Shackleford, IANS Faculty

 What We DON'T Need to Worry About as Much in Infosec This Year

While it's certainly important to anticipate what we might be facing as infosec professionals in the coming year, the side of the coin that often tends to go unexplored is what we don't need to worry about as much anymore. What infosec issues have we largely "solved?" What do we have a good handle on that we can put toward the bottom of the priority list?

Read More »


March 24, 2015 | Vulnerability Assessment and Management
By Gunnar Peterson, IANS Faculty

 Study: Many Companies Do Nothing to Secure Their Mobile Apps

Recent reports have shown that employees across businesses have thousands of unsafe applications installed on their phones, while the threat of bugs like Heartbleed only continues to expand. Despite these risks, however, a new study found that most companies aren’t doing much – if anything – to improve the security of their own apps.

Read More »


March 18, 2015 | Application Development and Testing
By Dave Shackleford, IANS Faculty

 DARPA-Backed Tool Mimics Humans, Uncovers Security Flaws in Software Code

Recently, it’s seemed as if major software flaws have been a dime a dozen, with Heartbleed, Ghost and now FREAK among the most prominent. A new tool designed by a Cambridge, Mass. laboratory and funded by the Defense Advanced Research Projects Agency (DARPA), however, aims to combat these flaws by exposing and fixing them before they are released.

Read More »