Improvements in patch deployment and secure coding practices have made a slight impact on the incidence of vulnerabilities, according to a new Cenzic report.
Despite web application vendors being more responsive and releasing security patches much faster than in 2012, new research revealed that it is still taking an average of over two weeks for critical vulnerabilities to be fixed.
An ongoing shortage of skills in application security is severely hampering the implementation of effective Appsec programs, according to SANS.
In case you haven’t heard the term before, a drive-by download (DbD) is a class of cyber attack where you visit a booby-trapped web site and it automatically, and silently, downloads and executes malicious code on your computer.
GitHub is the latest service to announce that they have started a security bug bounty program.