OWASP: Application Security is Everyone’s Responsibility
The Open Web Application Security Project (OWASP) bridges the gap between security professionals and developers with valuable resources, tools, and events.
The Swiss Cheese Model: Human Error Puts Holes in IT Security
Reduce vulnerabilities to security breaches and data loss by shoring up a common weakness: human error.
6 Physical Security Trends Creating Opportunities for ISVs
Physical security trends are driven by the demand for more effective ways to secure facilities and control access.
Can Anti-malware Prevent .LNK Cyberattacks?
Advice a short time ago was to tell your clients not to click on .EXE files, and email server security allowed people to reject emails with those attachments. Not to be undone, cybercriminals found other ways in.
A SentinelOne article explains that to bypass those security measures, attackers began delivering...
Q3 2018 Security Update: ISVs Must Focus on Small Business, Latest Cyberthreats
You may have the solution that can keep your clients safe from current cyberattacks and security risks. Here are current security challenges your clients are facing and some actions you can take to help them defend their businesses.
Protect Targeted Industries, SMBs
According to Symantec’s Monthly Threat Report, the email malware...
Q2 2018 Security Update: Cyberthreat Watch for Software Developers
The cyberthreat landscape is always changing, so it’s vital to stay informed of trends that can impact your business. Here are four cybersecurity challenges your clients need solutions for today:
Email Attacks, Phishing and Spear Phishing
Malware delivered via email continues to be a major attack vector. Symantec’s March 2018...
5 Practical Steps to Successful Partnerships with Offshore Software Development Teams
In this industry, talent can be hard to find. Forrester released the results of a study that found you may have to pay 20% above market salary rates this year when you’re looking for particular skills. When your ISV company needs to expand its resources, partnering with an offshore...
5 Email Phishing Trends — What You Need to Know
Did you know that more than 90 percent of all successful cybersecurity attacks begin with email phishing? Not surprisingly, industry reports tell us it's only going to get worse in 2018 and beyond.
Below are five phishing-related threats you should be aware of that can impact your cybersecurity:
1. The Cloud
A lot more...
10 Remote Management and Password Security Best Practices Every ISV Should Follow
As the software market continues to grow and evolve at a rapid pace, it’s tempting for ISVs to focus on writing code that makes their software better and more powerful while overlooking key security considerations. Specifically, when it comes to providing remote support, make sure you’re following these 10...
How Does your Software Align with the Hottest M&A Trends?
At RSPA Inspire 2018, a business thought leadership conference I recently attended, Jeff Riley, VP of mergers and acquisitions, for The Corum Group, gave a presentation on the mergers and acquisitions (M&A) tech landscape. What struck me most about his presentation was how many ISVs are naturally aligned with...
First Data Could Get Tough with Unsecured Merchants
In a few days, First Data will start to disable the accounts of customers who access its systems over unsecure connections.
The company has been sending out notifications and reminders for over a year about changes that will be made to its Datawire service beginning on February 15th.
If merchants have taken...
PCI Compliance Primer for ISVs
Software developers unfamiliar with the nuances of incorporating credit card processing into their software might wonder what the term “PCI compliance” is when they hear it and be confused about why it matters for their business. PCI compliance represents adhering to the Payment Card Industry Data Security Standard (PCI...
PCI Security Standards Council Issues Guidelines for Software-Based PIN Entry on Mobile
Today the PCI Security Standards Council (PCI SSC) announced a new PCI Security Standard for software-based PIN entry on commercial off-the-shelf devices (COTS), such as smartphones and tablets. The PCI Software-Based PIN Entry on COTS (SPoC) Standard provides requirements for developing secure solutions that enable EMV contact and contactless transactions with...
Two Security Threats ISVs Can’t Ignore: Spectre and Meltdown
We all knew it wouldn’t be long before the next major computer security vulnerability scare would emerge, but I must admit this latest is a doozy – both in its timing and scope. Known collectively as Spectre and Meltdown, the bugs exploit flaws in microprocessors (especially Intel). Even Mac...
6 Tips for Protecting Your Retail Customers from Cyberthreats
Last year there were so many security breaches, ranging from the U.S. Department of Justice to Yahoo, that it was difficult to keep track of them all. And this year — with WannaCry, Petya, the CCleaner breach, Wikileaks CIA Vault 7, Cloudbleed and the Equifax breach, just to name a...
