Layer 7 Technologies has just been acquired by CA Technologies for the purpose of augmenting CA SiteMinder with Layer 7’s API Management & Security Suite. Layer 7 specializes in adding “access, security, SLA and management features” to existing service APIs.
Google+ Sign-In extends the Google+ social network into third-party websites, desktop applications and mobile apps. This service, announced on February 26th, provides features for authentication, authorization and activity sharing. There is also support for user engagement, hangouts and automatic Android app downloads.
Smaller releases, automated testing, and a culture that embraces security are the reasons why panelists at the RSA 2013 conference say that Devops can be a huge boon for application security.
MongoDB 2.4 was recently released with new features such as Text Search, hash-based sharding, better geo-spatial capabilities with GeoJSON support and several performance and tooling improvements. We also discussed with 10gen about what’s next on the roadmap.
Android 4.2.2 includes security enhancements such as application verification, Always-on VPN, certificate pinning, installd hardening including few other security fixes.
Windows Security is a hard problem. There are countless optional settings that can introduce security vulnerabilities, many of which are enabled by default. The documentation for these settings are scattered with current articles freely mixed with out-of-date versions. One solution to this is the Microsoft Security Compliance Manager.
The investigating agency Kaspersky Labs uncovered in mid January that the Red October attackers used the Rhino exploit in Java as an additional delivery vector.
While 94% of businesses consider business process automation an important component of their overall productivity, opinions differ on the role of cloud technologies in automation solutions. According to a new survey conducted on behalf of Redwood Software, the use of cloud technologies differs greatly between the United States and United Kingdom, and among industries.
Oracle has published a major security update for Java. The update was originally scheduled for February 19th, but was released a fortnight early on Friday because of "active exploitation 'in the wild' of one of the vulnerabilities affecting the Java Runtime Environment (JRE) in desktop browsers".
The last publicly available release of Java 6 is to be released on February 19th 2013. After that date all new security updates, patches, and fixes for both the runtime and SDK of Java SE 6 will only be available through My Oracle Support, and will therefore only be available to users with a commercial license with Oracle.
Following a spate of high-profile security issues, Oracle's head of Java Security, Milton Smith, is promising that the vendor will fix issues with the platform, and improve its communication to community members.
CryptoLicensing v2013 for .Net includes license service activation console, new methods, properties with support for Mono, Android platforms including several improvements and bug fixes.
Oracle today released Java 7u11 with security fixes for remote code execution vulnerabilities related to escaping the applet sandbox through crafted reflection API calls. Read on to find out more about it, and how to find out if you are affected or not.
Syncfusion has announced the availability of Orubase Version 1 which ships with Project Wizard, SQLite and Encryption Support.
A central theme with Windows 8 is the Microsoft Account. This is another attempt to offer a single sign-on system for both Microsoft and third-party services. Microsoft Account is available for Windows 8 apps, normal websites, Windows Phone, Android, and iOS.