Software and application security

Get advice on software application security. Here you'll find information on software vulnerability and threat management, application attacks, software security tools, application firewalls, software patching and more.

November 10, 2021 10 Nov'21
Exchange zero-day corrected on November Patch Tuesday

Microsoft released a security update to shut down a publicly exploited vulnerability in the beleaguered on-premises messaging platform.
October 13, 2021 13 Oct'21
Microsoft squashes Windows zero-day on October Patch Tuesday

In addition to the publicly exploited bug, Microsoft corrected 76 flaws, including four that had been publicly disclosed, in this month's batch of security updates.
September 15, 2021 15 Sep'21
September Patch Tuesday fixes zero-day, print spooler flaw

The two notable vulnerabilities, disclosed prior to this month's security update releases, receive permanent fixes to supersede earlier mitigation instructions.
August 11, 2021 11 Aug'21
More printer spooler bugs resolved on August Patch Tuesday

Microsoft corrects a Windows zero-day and two publicly disclosed vulnerabilities in this month's batch of security updates.

Bring yourself up to speed with our introductory content

decompile

To decompile means to convert executable or ready-to-run program code -- sometimes called object code -- into some form of higher-level programming language that humans can easily understand. Continue Reading
virtual firewall

A virtual firewall is a firewall device or service that provides network traffic filtering and monitoring for virtual machines (VMs) in a virtualized environment. Continue Reading
8 fundamental microservices security best practices

Despite the benefits, microservices will introduce profound security issues. We review the biggest microservices security challenges and eight strategies used to combat them. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

WUfB vs. WSUS: Which handles Windows updates better?

Trying to get a handle on Windows updates can frustrate even the most seasoned administrators. Which of these two patch management tools fit best in your environment? Continue Reading
5 WSUS alternatives for patch management

Compare the features and functionality of five prominent patch management tools for Microsoft and third-party applications to find the right option for your organization. Continue Reading
Istio service mesh security benefits microservices, developers

Learn more about Istio service mesh security features and how the open source technology can enable developers to better run, control and secure a distributed microservices architecture. Continue Reading

Learn to apply best practices and optimize your operations.

7 best practices to ensure your CI/CD pipeline's security

CI/CD security means fortifying everything that flows through your software pipeline with securing elements -- but the pipeline itself can be a target. Lock it down with these CI/CD protective steps. Continue Reading
3 steps to prepare for Exchange updates

If you dread the process of updating Exchange and the possibility that patches will break the servers, you can take control by putting best practices in place with three steps. Continue Reading
Social media analytics best practices tempered by privacy laws

Social media provides a fertile landscape of information and insight into consumer behavior, but collecting and analyzing that data carries all sorts of privacy pitfalls. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Tips for overcoming MSP patch management pain points

Software patch management is more difficult than it once was. Industry experts offer advice on how to best stay ahead of the patching curve and reduce risks to both MSPs and customers. Continue Reading
How to patch your open source software vulnerabilities

No matter how big your software vulnerabilities backlog has grown, here's how you can tackle it, and get on the path to continuous security monitoring. Continue Reading
Prevent man-in-the-middle attacks on apps, CI/CD toolchains

Man-in-the-middle attacks pose a serious threat to both CI/CD tools and the apps those tools support. Learn how these attacks typically occur -- and how to stop them -- to do DevOps securely. Continue Reading