Managing Risk is More Important Now Than Ever

February 20, 2018 2099 Views Gabriel Torok

I just read the Forrester Wave™: Governance, Risk, And Compliance Platforms, Q1 2018.

Forrester reminds us all that “Risk and compliance management is more important than ever, thanks to the increasingly intangible nature of business value and the growing risk of violating customer trust.”

The report evaluated 14 leading GRC (governance, risk, and compliance) vendors: ACL, Enablon, IBM, LogicManager, MetricStream, Nasdaq, NAVEX Global, Riskonnect, RSA, Rsam, SAI Global, SAP, ServiceNow, and Thomson Reuters. What was most interesting to me is that 50% of these leading providers use PreEmptive’s application protection tools as part of their own strategy.

With software applications driving new business models, corporate reputations are increasingly at risk and regulatory fines are skyrocketing. Now is an ideal time to implement a comprehensive risk management strategy.

Free Trial

Request Quote

Request Demo

Announcing DashO v9.0

DashO v9.0 is out, and it has a new major version number for a very good reason: we've made some major improvements!

Java 9 and 10 support, including module support

In DashO v8.4, we introduced "provisional" Java 9 support, and we published an article describing our Java 9 roadmap. Java 9 support was provisional because there were cases where DashO would process a Java 9 app in a way that DashO thought was correct but would actually result in a broken app. As part of our commitment to the "principle of least surprise", we didn't want users to discover those issues by accident, so we made Java 9 support require an opt-in.

As of DashO 9, Java 9 (and 10) support is no longer provisional; it is a fully-supported feature, without an opt-in - and without surprises. There are a few edge cases, still, but those will generate build warnings or errors, as appropriate.

Now is the time to seriously look at how you are protecting and securing your applications

The U.S. National Institute of Standards and Technology (NIST) has published two data-security focused documents in as many months.

In June 2018, NIST published guidance on assessing requirements for securing unclassified information (NIST Special Publication 800-171A Assessing Security Requirements for Controlled Unclassified Information).

In July 2018, SPECIAL PUBLICATION 1800-1 Securing Electronic Health Records on Mobile Devices was published offering a practical guide to meeting the specialized security and privacy obligations that come with the management of health records on mobile devices.

JSON is a widely used format for sharing objects and data within an application. To protect .NET applications that serialize and deserialize JSON objects, you should be aware of some special considerations.

Consider a basic Employee class:

All apps are vulnerable. That’s the takeaway from a recent Trustwave report, which found that 100 percent of web applications could be compromised in a cyberattack. Combined with the uptick in mobile malware, account takeover fraud and blockchain-based attacks, companies spend most of their time fending off new attacks while trying to keep current apps up and running.

The result? It’s easy to assume that when applications aren’t directly under attack, they’re effectively safe. The truth? More code handling more data increases the risk of “leaky apps” — applications which unwittingly expose sensitive data to prying eyes.

Here’s how you plug the holes.

Anyone developing software applications today can easily feel overwhelmed by the persistent security threats their products face from application counterfeiting and malware injection to theft of services and confidential information. This article discusses some of ways hackers go about their dirty deeds and how to achieve a balanced perspective on application risk and risk management allowing you to release applications with greater confidence. Gaining this confidence requires a deeper knowledge of the risks and potential remedies.

Managing Risk is More Important Now Than Ever

Announcing DashO v9.0

Java 9 and 10 support, including module support

Latest NIST Publications Reinforce the Importance of Application Hardening in Securing Data

Now is the time to seriously look at how you are protecting and securing your applications

Protecting .NET applications that use JSON objects

"Leaky Apps” Are Draining Your Data — Here’s How You Plug the Hole

Five Evil Things a Hacker Does to Your App

Latest Blog Posts

Announcing DashO v9.0

Latest NIST Publications Reinforce the Importance of Application Hardening in Securing Data

Protecting .NET applications that use JSON objects

"Leaky Apps” Are Draining Your Data — Here’s How You Plug the Hole

Five Evil Things a Hacker Does to Your App

Latest News

Dotfuscator Adds Rooted Device Controls to Meet Exceptional Xamarin.Android Demand

Microsoft Build 2018

PreEmptive Solutions Launches GDPR Compliance Relief Program

Protecting Your Xamarin Apps with Dotfuscator

Third Major Dotfuscator Community Edition Release in 12 Months Expands Real-time Defense and Streamlines Xamarin Integration

Twitter

App Protection Blogs

Managing Risk is More Important Now Than Ever

Java 9 and 10 support, including module support

Now is the time to seriously look at how you are protecting and securing your applications

Latest Blog Posts

Latest News

Twitter