The answer: Both…… if you want optimized coverage.

Most organizations have countless software applications they need to secure, but strict budgets and resources to do so. To ensure the right breadth and depth of test...

In this five part blog series, I've been focusing on covering some of the attacks that have exploited various features in the SSL/TLS mechanism. We've covered general bad practices, bad implementation, oracles, and ...

Fifty years ago, high atop Launch Complex 34 at Cape Canaveral, a spark caused by faulty wiring ignited flammable materials in the pure oxygen environment inside the Apollo 1 capsule during a "plugs out" test. Astronauts...

To celebrate Data Privacy Day, we're doing our part to help raise awareness by promoting privacy and data protection best practices. As cyberattacks continue to grow each year, today is a reminder that everyone, both...

At Security Innovation, our tech-enabled services leverage dozens of internally developed scanners, parsers, scripts and other tools to make our software security testing more efficient. However, authorization testing...

Hackers continue to use new techniques to wreak havoc on software applications and get access to sensitive data. The most effective way to reduce broad-scale application security risk is to conduct threat modeling...

As part of Security Innovation's internship program, I spent a month conducting extensive research on Android malware; in particular, the automated analysis of malware for the purpose of uncovering insights that can help...

In this five part blog series, I've been focusing on covering some of the attacks that have exploited various features in the SSL/TLS mechanism. We've covered general bad practices, bad implementation, and oracles. Today...

The 2016 year has been a consistent reminder that hackers are still hard at work looking to take down top organizations around the world. During this year, we’ve focused on educating our readers about these attacks and...

In this five part blog series, I've been focusing on covering some of the attacks that have exploited various features in the SSL/TLS mechanism. We've covered general bad practices and bad implementation. Today we'll be...