Enterprise

Stay up to date on the latest cybersecurity trends, best practices, security vulnerabilities, and more.

Enterprise

How to: Testing Android Application Security, Part 2

This blog was written by Kunal Garg. The popularity of Android devices and applications makes it a target for malware and other threats. This post is the second in a short series on Android application security. In the first article we discussed the basic android environment setup and penetration testing. ...

Data Security

Healing an IS Environment with Integrated Security at Boston Medical

Working for a Level 1 trauma center and the busiest emergency room in New England, Boston Medical Center CISO Sumit Sehgal is acutely aware of the role information security plays in keeping critical systems, applications, and data safe so patients can leave the facility in better shape than they arrived. ...

Enterprise

Upcoming McAfee Analyst Webcast, Tech Talks on SIEM

Each month, we’ll highlight upcoming webcasts and Tech Talks on industry trends and topics in a blog post. See below for can’t-miss online events coming up with McAfee: Integrating and Operationalizing Threat Intelligence Threat intelligence can provide valuable information and insight, however, the growing volume of data can quickly become ...

Enterprise

Boost Certificate Security With Android SSL Pinning

Certificate SSL pinning is an extra security layer in the SSL validation process for certificate authenticity. This process verifies that the certificate/key provided by the remote server exactly matches the one pinned on the client side. We have already discussed pinning in an earlier post. When an Android application uses ...

Enterprise

Fingerprinting You and All of Your Things

Your phone checks your identity with your physical fingerprint. We also use the term ‘fingerprint’ to described methods of identifying software and hardware with algorithms that calculate a unique code based on the software structure, operating behavior, or other characteristics. Apps and devices can also potentially identify you by your ...

Cloud Security

How a CASB Integrates with an On-Premises DLP Solution

Deployment architecture for enforcing DLP policies with a CASB and registering enforcement actions in an on-premises DLP solution If you use an on-premises data loss prevention solution such as Symantec DLP, RSA DLP, or McAfee DLP, you’ve likely made significant investments in creating policies and remediation workflows in these applications. ...

Cloud Security

CASB + IdP + EMM: Securing Enterprise Mobile-Cloud Usage

Yesterday it was ransomware, today it is Zuckerberg’s Twitter and Pinterest accounts hack. Each day, stories of security breaches highlight new vulnerabilities that hackers are exploiting to break into enterprise systems. The furious pace of evolution in the security space has led to enterprises continually augmenting their security with new ...

Enterprise

Testing Race Conditions in Web Applications

This blog was written by Sarvesh Pandey. When determining black-box or gray-box application security (penetration testing), an assessor mostly concentrates on the top 10 Open Web Application Security Project vulnerabilities and rarely worries about testing race-condition issues. The general consensus is that race-condition attacks are unreliable and cannot be identified ...

Endpoint Security Security Operations

Comprehensive and Integrated Security at a Regional Commercial Bank

Isn’t it time to invest in a security solution that doesn’t break the bank? One bank offers a textbook case study in corporate data security, since by definition it’s required to safeguard clients’ highly sensitive personal and financial data. This U.S.-based regional commercial bank has undergone a sea of change ...

Cloud Security

200 IT Security Interview Questions

The information security industry faces a severe skill shortage. IT departments cannot find enough experienced applicants to employ, despite advancement in IT security technologies like Secure Web Gateways, Next Generation Firewalls, and Cloud Access Security Brokers (CASB). The shortage has grown so urgent that IT professionals report that a lack ...

Subscribe to McAfee Securing Tomorrow Blogs