Hi {{ session.user.profile.firstName }}

Application Security

  • Date
  • Rating
  • Views
  • Interested in runtime application self-protection (RASP) but not sure where to start? This webinar will share best practices to help you organize your evaluation project. We will cover topics such as:

    •Objectives for your evaluation
    •which apps to choose for a proof of concept?
    •Where to begin – development, test, or production?
    •what to measure, how to create a baseline and assess the delta
    •questions to ask the vendors

    Come away with a plan for your evaluation.
  • Cyber Crime cost US companies an average of $15 million in 2015 – a significant increase from a year earlier. It’s a troubling trend unearthed by the Ponemon Institute’s 2015 Cost of Cyber Crime study. You know the risks, but you need the data to plan your defenses and demonstrate the cost of inaction. In this Webinar Dr. Larry Ponemon and

    HP CISO Brett Wahlin will explain how to craft an effective preemptive security strategy. You’ll learn:

    -What cyber crimes are most common and most costly
    -The hidden internal and external costs you incur
    -What security defenses are most effective in reducing losses
    -How businesses with a strong security posture drive down costs
  • The old school of cyber defense emphasized securing infrastructure and restricting data flows, but data needs to run freely to power our organizations. The new school of cyber defense calls for security that is agile and intelligent. It emphasizes protecting the interactions between our users, our applications, and our data.

    The world has changed, and we must change the way we secure it. Join Frank Mong, VP & General Manager of Security Solutions, and hear why you need to secure your:
    - Cloud services
    - Data (wherever it is)
    - Apps (wherever they run)
  • No one wants to end up as the next headline from a cyber security attack. But application security can be hard to do and takes time. Perhaps you failed an audit or swallowed the risk of vulnerabilities to get a new business app online. You need to CYA (cover your apps) fast!
    Learn how runtime application self-protection can protect you in minutes when your applications:

    • are too complex, too fragile, or ill supported to risk changing the code to remove security vulnerabilities
    • have thousands of vulnerabilities – or that have never been tested – but are in production
    • rely on code that is off-the-shelf, third party, or in the cloud - don’t be at the vendor’s mercy.

    Learn how to identify and defend software vulnerabilities while the app is still being used. Quickly implement compensating controls to breeze past that next audit.
  • In today's world where applications are distributed through cloud and mobile platforms, the risks to vulnerable applications are multiplying. Application managers are looking for ways to consolidate controls around their disparate applications and assign the proper staff, leadership and workflow processes to do this.

    Based on the 2014 Application Security Programs and Practices survey, application security is on the rise, with 83% of 488 respondents reporting some sort of application security program in place (up from 66% in SANS' 2013 survey). In the 2014 survey, respondents' primary focus for their security programs was around web applications.

    This year's survey intends to find out how the rise of mobility and cloud applications is changing respondents' application security program efforts and to gather best practice advice for secure management of disparate applications throughout their lifecycle.

    This second part of the webcast will focus on issues in application development.
  • Watch now to learn more how the HP Enterprise Security products work together to fight off the bad guys.
  • Higher-order features such as lambdas exist ubiquitously in web applications and frameworks. They make development easier, but at a cost of added complexity and exposure to high risk vulns and attacks. However, statically ruling out such vulnerabilities is theoretical and practically challenging, especially when high-order functions and complex control-flow collide with opaque, dynamic data structures such as objects.

    This talk aims to provide an easy-to-understand explanation of higher-order function and the difficulties involved in assessing it. We’ll include a brief report on the how HP Fortify Static Code Analyzer handles higher-order analysis and our plans for future improvements. Note: Content focused on a technical-level viewer.

    Download the SCA Solution Brief in the attachments for further reference.
  • There are a lot of reasons why you should fortify your application security to protect your business from hackers. And there are probably many reasons why you're not doing as much as you might.
    In this video, HP and Slashdot Media detail the top 10 reasons you should enhance application security. And they go on to show you how HP Fortify static and dynamic application security testing products help you do it. Fortify uses the latest security intelligence to help you cut compliance testing time in half, find and fix vulnerabilities in hours, and enable the collaboration among development, testing, and security teams that make your applications and your business more secure.
  • Greater than 80% of today’s breaches occur with application software, yet many companies continue to invest in ‘over the wire’ solutions that are not solving the problem. Runtime Application Self-Protection, or RASP, is an emerging market that promises to protect applications from the inside. Using the rich context of the application’s logic and associated core libraries, RASP identifies attacks in ‘real-time’ and stops them. Implementation is quick and requires no changes to your application’s code. Join us to learn more about what RASP can do for you.

    •Why context from inside the application matters
    •How easy it can be to use native capabilities of Java and .NET to protect your applications
    •Use cases to get you started.

    Help lead your enterprise to a stronger, more effective security program.
  • In the world of information security, the past isn’t dead; it isn’t even the past. The 2015 edition of HP’s annual security-research analysis reveals a threat landscape still populated by old problems and known issues, even as the pace of new developments quickens. In 2014, well-known attacks and misconfigurations existed side-by-side with mobile and connected devices (the “Internet of Things”) that remained largely unsecured. As the global economy continues its recovery, enterprises continued to find inexpensive access to capital; unfortunately, network attackers did as well, some of whom launched remarkably determined and formidable attacks over the course of the year.

    The 2015 edition of the HP Cyber Risk Report, drawn from innovative work by HP Security Research (HPSR), examines the nature of currently active vulnerabilities, how adversaries take advantage of them, and how defenders can prepare for what lies ahead. Jewel Timpe, HPSR’s senior manager of threat research, describes the report’s findings and explains how this intelligence can be used to better allocate security funds and personnel resources for enterprises looking toward tomorrow.

Embed in website or blog