Access control lists

Security testing News

  • April 26, 2017 26 Apr'17

    DevSecOps, or how to build safer software so much faster

    DevOps can help develop software faster, but that's not making it any safer. DevSecOps is an effort to bring security into the mix. Here are some ways to get started.

  • December 02, 2016 02 Dec'16

    Android app security tested by malware and vulnerabilities

    Android app security is under attack this week with vulnerabilities in the popular app, AirDroid, and malware that steals Google account authentication tokens.

  • July 01, 2016 01 Jul'16

    Putting the 'Secs' into DevOps

    We have already examined the ‘phenomena’ that is DevOps and asked what it really means, how it really works and how to tame this new beast here on Computer Weekly. Matthew Pendlebury, a senior ...

  • June 20, 2016 20 Jun'16

    InfoSec Afterburner: what developers think about security

    Computer Weekly has a topic-classification field labelled 'application security and coding requirements' and it's there for a reason. All too often we talk about security in terms of what chief ...

View All News

Security testing Get Started

Bring yourself up to speed with our introductory content

View All Get Started

Evaluate Security testing Vendors & Products

Weigh the pros and cons of technologies, products and projects you are considering.

View All Evaluate

Manage Security testing

Learn to apply best practices and optimize your operations.

View All Manage

Problem Solve Security testing Issues

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

  • Identifying and addressing overlooked web security vulnerabilities

    Certain web security vulnerabilities evade detection due to oversight or carelessness. Expert Kevin Beaver discusses the top overlooked issues and how to address them. Continue Reading

  • How can enterprises leverage Google's Project Wycheproof?

    Google's Project Wycheproof tests crypto libraries for known vulnerabilities, but there are potential drawbacks to this tool. Expert Matthew Pascucci explains them. Continue Reading

  • Insider Edition: Attaining security for IoT, through discovery, identity and testing

    Ever since the internet of things became a "thing," the potential for abuse has been well documented; how best to achieve security for IoT is not yet clear. This Insider Edition of Information Security magazine tackles that second issue head on.

    In three feature stories, our experts examine the key aspects closely related to IoT security: device discovery, IoT identity and IoT security testing. It's basic to security that, to devise a proper security strategy, a security team must possess an accurate record of what exactly needs to be secured. The challenge when it comes to security for IoT is in cataloging, assessing and classifying devices that can number into the thousands and are often located outside an enterprise's physical boundaries. Certain industries, such as healthcare, are well into tackling this challenge. But increasingly more companies of all sizes will have to give the issue careful attention. Discovery involves identity issues, another focus of this edition, and once a security team has refined their IoT security policy, the next logical step is to implement a process of IoT security testing.

    Readers of this Insider Edition will come away with a deeper understanding of how to approach security for IoT, from how to create a compilation of what needs to be secured to how to set up a successful security testing process. When it comes to internet of things security, the threat of breaches may never be fully eliminated, but the odds that enterprises will thwart attacks can be improved through proper policy and security systems.

     Continue Reading

View All Problem Solve