Security Whitepapers

TO ENCRYPT, OR NOT TO ENCRYPT: WHAT IS THE REGULATION?

Regulations in many countries require organizations to secure and encrypt any communications with their customers. The downside: those organizations now have to grapple with threats that hide within encrypted traffic. The use of codes and ciphers to protect sensitive information began thousands of years ago—the well-known “Caesar cipher” is named for Julius Caesar, who used

2019 PHISHING AND FRAUD REPORT

Welcome to F5 Labs’ third annual report on phishing and fraud. Once again, we’re bringing you data from our partner Webroot as well as the F5 Security Operations Center. Phishing continues to be a major source of profit for cyber-criminals, and a big hassle for cyber-defenders. In the F5 Labs 2019 Application Protection Report, F5

How malware and bots steal your data

Tech advances like the cloud, mobile technology, and the app-based software model have changed the way today’s modern business operates. They’ve also changed the way criminals attack and steal from businesses. Criminals strive to be agile in much the same way that companies do. Spreading malware is a favorite technique among attackers. According to the

4 Ways to Increase Developer Buy-In of AppSec

Today, most organizations are in a race to deliver new, innovative software before their competitors. In turn, they have gone from bi-annual software releases to daily, hourly, or even by-the-minute releases. To keep up with these rapid deployments, security has had to shift from being a late-stage blocker, to an integrated part of the development

STATE OF SOFTWARE SECURITY Open Source Edition

Application security is one of the great frontiers in information security Apart from the code that is authored by developers, virtually no modern application can avoid including open source libraries that provide functionality that would be extremely tedious to write from scratch. Whether we’re looking at a relatively common library with a rich feature set,

Veracode Security Labs

HANDS-ON LABS TO SHIFT SECURITY KNOWLEDGE LEFT WITH VERACODE When it comes to software, developers are really the only ones in an organization who can fix the vulnerabilities in their code. Yet developers often don’t have the training they need to identify or remediate vulnerabilities and to code securely to reduce the number of vulnerabilities

THE STRATEGIC IMPERATIVE FOR BOUNDLESS CYBERSECURITY

Before the COVID-19 crisis even happened, rapid digitalisation and disruption was creating a new “business normal” for each and every enterprise, organisation, business and government agency. Flexible and remote working had been steadily growing for years, but undoubtedly the pandemic has been a clear tipping point, and the need for “boundless security” is now essential.

The threat intelligence handbook

This book will explain how you can begin the process of democratizing threat intelligence and put it into the hands of the people in your organization who can use it effectively. We look at the specific threat intelligence needs of six security teams, the sources of that intelligence, and exactly how the teams can use