First, thanks to PreEmptive for inviting me to do a guest post.
Since you're reading this on preemptive.com, you are already aware and probably concerned with the importance of planning for security in application development. And in this guest blog post, I want to address specifically the security vulnerabilities that legacy applications present to your entire organization.
If the Equifax hack wasn't a wakeup call for your entire appsec team, you're probably headed for an earlier retirement than you might otherwise have planned for.
Applications are under siege. As demonstrated by the recent Equifax breach and many others, hackers leveraged everything from compromised mobile apps to cloud-based vulnerabilities. The result? Enterprise IT teams are recognizing that they’re being targeted – particularly their critical apps.
We have just released Dotfuscator Professional 4.31 and it’s available for immediate download (both for clients and as a free evaluation).
Dotfuscator Professional 4.31
- Extends its application protection to new development communities for the very first time.
The GDPR is comprehensive; its impact is far reaching, and the penalties for infringement are severe (up to €20 million or 4% of global annual revenue, whichever is higher).
In short, no impacted business can afford to ignore The GDPR. As the May 2018 deadline looms, organizations find themselves scrambling to be “GDPR ready” – but what exactly does that mean?
According to the official EU GDPR website, http://www.eugdpr.org, “The EU General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years.”
This may well be true. The GDPR includes unprecedented penalties connected to data breaches, it reaches across international borders, and it targets both data owners and 3rd party service providers that process/manage that data.
Garbage in, garbage out is shorthand for “incorrect or poor quality data will always produce faulty results.”
The “garbage data” vulnerability is especially gnarly in that there is actually no fix – no cure.
The only viable development strategy is one of avoidance.
- Android-O support,
- Kotlin support,
- Improvements to our Android Wizard, and
- Build performance improvements.
BUT the feature I’m most excited about is the addition of our latest Check Type, Android Root Detection.
Applications drive corporate success. As noted by Business 2 Community, the average American smartphone owner uses more than 10 apps per day and spends over three hours per day connected to the Internet via their mobile device. The problem? Rapidly-expanding app markets combined with easy-to-find hacker kits make the current environment a cybercriminal’s paradise — according to recent Ponemon data, the average cost of a data breach is around $3.62 million and the size of breaches is trending up. It gets worse: According to Gartner, 99 percent of app vulnerabilities exploited won’t rely on new, sophisticated attack vectors, but existing vulnerabilities that infosec pros have seen in the wild for at least a year.