Why do the Vast Majority of Applications Still Not Undergo Security Testing?

#artificialintelligence

Did you know that 84% of all cyber attacks target applications, not networks? What's even more curious is that 80% of Internet of Things (IoT) applications aren't even tested for security vulnerabilities. It is 2018, and despite all the evidence around us, we haven't fully accepted the problem at hand when it comes to software security. Because we haven't accepted the problem, we are not making progress in addressing the associated vulnerabilities. Which is why after an active 2017, we are already seeing numerous new attacks before we leave the first quarter of the year.


Making security the business of everyone in the company

ZDNet

Security has traditionally been the domain of the IT department - more specifically, the security staff and chief security officer. From these flow security policies, rules that are laid down for the protection of the company's assets. However, as we have seen in the cases of BYOD in particular and shadow IT generally - where departments will, for example, often buy in cloud services or download applications without going through IT - if employees perceive rules to be inconvenient and obstructive, they are often circumvented or ignored. Security procedures in particular are likely to be perceived as inconvenient. To take an extreme example, blocking up your front door and windows will prevent burglaries and be a very effective security measure, but it is hardly convenient.


What is cyber security? How to build a cyber security strategy

#artificialintelligence

Cyber security is the practice of ensuring the integrity, confidentiality and availability (ICA) of information. It represents the ability to defend against and recover from accidents like hard drive failures or power outages, and from attacks by adversaries. The latter includes everyone from script kiddies to hackers and criminal groups capable of executing advanced persistent threats (APTs), and they pose serious threats to the enterprise. Business continuity and disaster recovery planning are every bit as critical to cyber security as application and network security.


Imperva acquires app security firm Prevoty in $140m deal

ZDNet

Imperva has announced the acquisition of Prevoty in a deal worth $140 million. On Thursday, Redwood Shores, Calif.-based Imperva said that together with Prevoty, the companies would "provide comprehensive security solutions to protect application services residing on-premises and in the cloud." The acquisition has been agreed for $140 million in cash, subject to working capital. Cybersecurity firm Imperva offers the Incapsula, SecureSphere, and CounterBreach product families for the protection of websites, apps, APIs, and databases while maintaining compliance. Prevoty is a provider of security-as-a-service solutions for web applications, including the Autonomous Application Protection (AAP) platform.


Accelerating Security Innovation: Introducing the Palo Alto Networks Application Framework

ZDNet

At Palo Alto Networks, we strive to provide the most compelling security to our customers, delivered with the utmost consistency across the network, endpoint and cloud. We are trusted by more than 39,500 customers to protect their organizations, prevent cyberattacks, and help maintain trust in the digital age. Our decade-long journey was founded on two words: innovation and disruption. The time has come to once again help change the future of the security industry, but this time we aren't forging the way by ourselves - we are building on everything we have done and dramatically changing the consumption model for the most comprehensive security achievable. It is time to unleash security innovation, entrepreneurship and better protection for our customers.