Organizations using semantics and big data tools are creating a new position called data scientist to help uncover fraud and identify undetected vulnerabilities. Here are profiles of three leaders who have embraced this role.
A data scientist is a new breed of database professional who applies scientific analysis to large data sets to identify patterns and vulnerabilities. Here are five expert tips on how to qualify for the new role.
Many organizations aren't devoting enough resources to ensure that applications for mobile devices are secure, says security expert Jeff Williams. He offers five tips for adequately addressing mobile application security.
Organizations are not taking the advanced persistent threat seriously enough, says Hord Tipton of (ISC)2. But security professionals also are not mitigating the common threats, he says. Watch the video.
"The changes we propose in revision 4 are directly linked to the current state of the threat space - the capabilities, intentions and targeting activities of adversaries - and analysis of attack data over time," says NIST's Ron Ross.
When it comes to application security which approach is best? Is static application security testing better than dynamic testing? Or is manual penetration testing best of all? Or can I forego testing all together and rely on my web application firewall? The answers to these questions seem to vary depending on who...
When the Commonwealth of Pennsylvania suffered a major security breach a few years back, vulnerabilities in a Web application were to blame. CISO Erik Avakian explains how the state developed a process to correct flaws in application code.