Papers and articles about security and web applications

How Architectural Decisions Impact Threat Modeling and Security

In threat modeling, various methods can be obtain an overall picture of an application's vulnerabilities and the various mitigation measures. Almost all available methods are based on the fact that a digital system is first designed by its architecture. This usually includes all known components within an application or IT system, how they are interconnected, and where trust boundaries lie. Early decisions about the architecture can therefore have a major impact.

Understanding How to Mitigate Security Threats and Risks with Threat Modeling

In the field of security of web applications and mobile apps, threat modeling is a method that can be considered primarily as a means of performing deliberate risk management. There are many ways to identify and assess threats. Although the techniques differ: The basic principle is always to use them to identify the risks to an application or IT system and, more importantly, to agree on what those risks are.

mgm at the Software Quality Days 2023

mgm will be present at the Software Quality Days from May 23 to 25, 2023 with strong participation in presentations in the disciplines "DevSecOps" and "Quality Assurance Accompanying Development" as well as an information booth.

That’s the thing: ISO 27001 certification for mgm

After around a year of preparation, planning and implementation, mgm technology partners is now an ISO/IEC-27001-certified company. For this, the key information security risks were identified, protective measures were defined and monitoring processes were drawn up.

JavaSPEKTRUM: Article on the holistic approach to security

News about successful attacks on applications and companies is no longer a rarity these days.
Die Website des ii Magazins ist online.

Website of the ii-magazine online: Become part of the ii-Community

The ii-magazine offers well-founded and practical insights into digital transformation - now also on its own website. Join the community: we welcome guest authors!

You shall not pass

A user name and a password are not enough. An increasing number of Internet services are opting for multifactor authentication as being more secure....

Automated driving – lecture on data security and liability

At the European Data Forum in Luxembourg two conference days were entirely devoted to Big Data. Industry experts discussed, with researchers, political decision makers and representatives from community projects, the challenges of the emerging data-driven economy.

Securing your Password Database with bcrypt

Do you also spend sleepless nights because you have saved the passwords of your users in clear text or near-clear text (MD5)? We will show you a simple method how you can smoothly migrate your password database to a much more secure format. The transition is transparent to the users and instant, i.e. as soon [...]

HTML 5 Security (Article in iX 1/2013)

In connection with the Web standard HTML5, developers have made a lot of effort in terms of security. But new features result in growing...