As we embark on another year of blogging, it’s always nice to look back on what people enjoyed reading in 2015. There were a lot of hot topics from IoT and connected car security to banking and financial application security to new healthcare security needs all of which will most certainly get some headlines in 2016.
As for 2015, here were our top five blog posts:
The BYOD growth has helped fuel some of the growth in this perimeter security spending increase, but perimeter protection simply won’t cut it in today’s intrusion landscape; applications need self-defense or as Gartner calls it, runtime application self-protection (RASP).
Software diversification is a method of altering an executable binary so that various instances of the same software, while providing identical functionality, to an attacker appear different and operate differently on the binary level. Software diversification confounds an attacker’s attempts to exploit information gained from one deployment to compromise other deployments. It is much harder to develop a universal cracking scheme for software instances that are diversified. Instead, each software instance must be cracked individually.
Let’s face it, there’s more exposed data today thanks to growing trends such as cloud services, BYOD, IoT and social networking. The war zone these trends create between software applications and the adversaries who want to crack them is very broad and diverse. An application can be attacked at various layers, on different hardware, and with very different goals in mind, creating a very complex problem for companies who want to protect their intellectual property.
Financial institutions are increasingly turning to branded consumer mobile apps as a way of gaining and retaining mobile-savvy customers. These mobile apps allow consumers to perform transactions such as depositing checks via check images taken from the mobile device, moving money between accounts and checking the status of their accounts. If these apps are not properly protected, they could provide a venue for malware to steal customer’s user credentials (username, PIN, etc.), account information, check images and other information which could be used to crack a customer’s account and steal their financial assets.
We’re excited to announce that our Secure Key Box 4.6.0 Crypto Module has received the FIPS 140-2 Level 1 certification from NIST. This certification assures that government, financial agencies, and resellers alike that our Secure Key Box module delivers the highest level of protection available for sensitive information.
We look forward to sharing more news, insights, and content as 2016 unfolds, so be sure to bookmark our blog and visit often. Happy New Year!