DevelopSec

Archives for August 2015

August 21, 2015 by James Jardine

Tips for Securing Test Data (Scrubbing?)

An application typically has multiple environments from development through to full production. It is rare to find an application that doesn't use some form of data. Some applications may use just a little data with a very simple database, while others may have very complex database schemas with a lot of data. Developers usually load just enough data to test the features/functions being implemented in the current iteration. Production systems contain actual customer information which may be …

Filed Under: General Tagged With: data, data scrubbing, data storage, production, qa, qa testing, security, security awareness, security testing

August 15, 2015 by James Jardine

Tips for Securing Test Servers/Devices on a Network

How many times have you wanted to see how something worked, or it looked really cool, so you stood up an instance on your network? You are trying out Jenkins, or you stood up a new Tomcat server for some internal testing. Do you practice good security procedures on these systems? Do you set strong passwords? Do you apply updates? These devices or applications are often overlooked by the person that stood them up, and probably unknown to the security team. It may seem as though these systems …

Filed Under: General Tagged With: application, application security, hackers, laudanum, network, penetration testing, security, security awareness, security testing, shell, testing

August 4, 2015 by James Jardine

Disabling Paste for Passwords?

Passwords, while a simple concept, are one of the most complex issues in security. A majority of user-authenticated systems rely on a password to verify the end user. Over the years we have seen many different recommendations for strong passwords. I have talked about this subject many times. The complexity, while difficult to define, has gotten more difficult over time. At first, it was 8 characters with upper and lower case characters and a number or special character. The focus has …

Filed Under: General Tagged With: application security, developer, password, secure application, secure coding, secure design, secure development, security

August 1, 2015 by James Jardine

The FTC’s “Start with Security: A Guide for Business” Document

The FTC recently released a document to help companies learn from others' security mistakes. The document, titled Start with Security: A Guide for Business, provides ten (10) different security lessons learned by other companies, included below: Start with security. Control access to data sensibly. Require secure passwords and authentication. Store sensitive personal information securely and protect it during transmission. Segment your network and monitor who's trying to get in and …

Filed Under: General Tagged With: administrators, application, awareness, developer, ftc, lessons, lessons learned, network, security, security awareness


© Copyright 2018 Developsec · All Rights Reserved