Clerkendweller : Application Security and Privacy

[...] classes of IT security vulnerabilities in online systems that result in failures to secure personal data. The seventh data protection principle requires organisations to take appropriate measures to [...]

[...] Yesterday I described the new report from the ICO, Protecting Personal Data in Online Services: Learning From the Mistakes of Others. Below is a list of the matching [...]

[...] to data controllers to help them to decide whether to notify data subjects in case of a personal data breach. Opinion 03/2014 on Personal Data Breach Notification provides advice to telecomms [...]

[...] training to all Office employees Implement any other security measures as necessary to protect personal data Only retain personal data as long as necessary. Office seem lucky not to have been fined. [...]

[...] trade bodies and academic institutions). The chart can also be useful beyond the realms of application security and application privacy. For example, organisations implementing an information security [...]

[...] Contrast Security has published a new guide about their ideas about building application security into development processes that are reproducible and can be automated as much as possible. [...]

[...] Happy new year. For 2015 I have renamed this blog to "Clerkendweller: Application Security and Privacy". This update reflects the greater focus on both information security and [...]

[...] and peers! As respected information security leaders in the industry, OWASP (Open Web Application Security Project, www.owasp.org) would like to hear your opinion and invite you to share this [...]

[...] In early May I submitted an entry for my OWASP Cornucopia project in the Nominet Internet Awards 2014. Nominet manage the .uk domain space, and want to celebrate the good things about [...]

[...] Following my card game's shortlisting in the Nominet Internet Awards 2014, the awards ceremony was held in the London Film Museum on Thursday 3 July 2014. The [...]

[...] Guide v2.0 is written in English, and is available in three formats: Free download from the OWASP web site: .PDF .DOC At cost print on demand monochrome book on Lulu. OWASP AppSensor is free to use [...]

[...] and risk profile - building upon existing standard security controls. Free download from the OWASP web site: .PDF .DOC At cost print on demand monochrome book from Lulu. Subsequent posts describe the [...]

[...] AppSensor solution applicable to all applications and organisations. Free download from the OWASP web site: .PDF .DOC At cost print on demand monochrome book from Lulu. Previous and subsequent posts [...]

[...] to an organisation's own culture, its working practices and its risks. Free download from the OWASP web site: .PDF .DOC At cost print on demand monochrome book from Lulu. Previous and subsequent posts [...]

[...] application-specific. Free download from the OWASP web site: .PDF .DOC At cost print on demand monochrome book from Lulu. Previous and subsequent posts describe the other parts of the new guide. [...]

[...] attack, and by whom. Free download from the OWASP web site: .PDF .DOC At cost print on demand monochrome book from Lulu. Previous and a subsequent post describe the other parts of the new guide. [...]

[...] Project website. Free download from the OWASP web site: .PDF .DOC At cost print on demand monochrome book from Lulu. Previous posts describe the other parts of the new guide. AppSensor Guide Part [...]

[...] in three formats: Free download from the OWASP web site: .PDF .DOC At cost print on demand monochrome book on Lulu. OWASP AppSensor is free to use and it is licensed under the Creative Commons [...]

[...] , other organisations and society may not even be considered. The impacts identified are for mobile apps that are developed meet the functional, capability, security, and usability needs of people [...]

[...] a new one for what it calls "secure digital transactions" involving web sites and mobile apps. The BSI Kitemark for Secure Websites and Apps (or "BSI Kitemark for Secure Digital [...]

[...] and the vices (snakes) are application security risks. I have created two versions so far: Mobile Apps where the virtuous behaviours are mobile controls from the Mobile Security Project Top Ten [...]

[...] risk. They span market sectors, and application types including web sites, web services, mobile apps, critical infrastructure, and client-server. Each case study demonstrates how business [...]