In my May 20 blog, I outlined 10 convenient methods that your organization could use to improve its level of mobile application security knowledge.

Never in my wildest dreams did I expect that blog to be tweeted, posted to LinkedIn, shared on Facebook or emailed as much as it has been since the initial publication date. I’m truly grateful for the interest in the topic and for the support in getting our valuable mobile application security message circulated.

Based on your interest in this compelling topic, I’m pleased to share another 10 convenient ways to increase your mobile application security knowledge with you below. As always, we encourage you to share the content via social media or email with colleagues who might find the information beneficial.

1. Download Our New Application Security Management E-guide

The e-guide “Five Ways to Achieve Risk-Based Application Security Management” discusses key obstacles to effectively managing application security risk and describes five easy-to-follow steps to implement risk-based application security management in your organization. The five steps are as follows:

  • Create an inventory of application assets and assess their business impact.
  • Test applications for vulnerabilities.
  • Determine risks and prioritize vulnerabilities.
  • Remediate risks.
  • Measure progress and demonstrate compliance.

The guide also summarizes how more effective application security processes can help security, quality assurance and development teams improve collaboration and reduce the threat of potential data breaches.

2. Learn How Your Organization Can Benefit From IBM’s Expanded Partnership With Box

On June 24, IBM and Box announced a strategic partnership designed to accelerate secure sharing, collaboration and analytics on mobile devices. By reading about secure mobile collaboration, you’ll learn how your organization can expand its knowledge of current security risks and vulnerabilities, improve data protection and bolster overall mobile security protection by taking advantage of the expanded partnership.

3. Read ‘3 Ways to Make Mobile Security as Easy as Hitting the “Like” Button’

In this article, Koos Lodewijkx, chief technology officer for IT risk at IBM, offers three practical recommendations for managing IT security in an evolving workplace where millennials are predicted to comprise 50 percent of the workforce in just five years. Generally defined as employees who were born between the years 1981 and 2000, that group expects to be able to connect with colleagues and access their work anytime, anywhere and typically through multiple devices.

However, this new technological freedom can place your organization at an increased risk for potential cyberattacks. You need to learn how to balance security with employee productivity and flexibility.

4. Participate in the ‘Increase Your Organization’s Commitment to Risk-Based Application Security Management’ Webinar

In this webinar, you’ll learn how to instill an organizational culture that truly values application security risk management. Currently, IT and business management have little visibility into the overall state of application security in most organizations. But an application-based data security breach can have a significant impact on your brand reputation and your bottom line. Attend this webinar and learn how five easy-to-follow steps can be followed to improve your application security risk management program. A replay will be made available after the session.

5. Enlighten Yourself About Digital Privacy Dangers Lurking in the Dark Web

As part of its “2015 State of Application Security Report,” IBM partner Arxan and iThreat Cyber Group (ICG) analyzed data that examined the distribution of pirated software and digital assets on the Dark Web. The results of the analysis were alarming and indicate that digital piracy is growing rapidly. Read this blog on digital piracy to educate yourself about the topic and find out how you can enhance the protection of your mission-critical digital assets.

6. Check Out the New Application Security on Cloud Infographic

By reviewing this infographic, you’ll learn how to leverage our cloud-based IBM Application Security Analyzer to improve mobile and Web application security by performing periodic security testing, identifying high-priority vulnerabilities and improving the effectiveness of your program. You’ll also experience the peace of mind that’s derived from eliminating security vulnerabilities from Web and mobile applications before they’re placed into production and deployed.

7. Spend Three Minutes to Educate Yourself About the Importance of Mobile Binary Code Protection

Application attackers can easily gain access to the binary and source code of your mobile applications, permitting them to reverse engineer, tamper with or insert malware into your code, which jeopardizes your organizational data. In the three-minute video below, you’ll learn how to address those significant threats by hardening mobile applications and protecting them at runtime.

8. Attend the ‘Surviving the Mobile Phenomenon: Securing Mobile Access With Risk-Based Authentication’ Webinar

This webinar centers around how you can use risk-based authentication to protect your enterprise and its critical data. Securing mobile apps begins by authenticating users, managing access controls and confirming that their mobile devices have not been compromised. Join this webinar to learn how you can provide employees with mobile access to enterprise applications and corporate data without compromising security.

9. Learn Why Your Organization Should Adopt a Strategic, Risk-Based Approach to Application Security

In this short video, Constantine Grancharov, the product manager for IBM Application Security Solutions, discusses why organizations should adopt a strategic, risk-based approach to application security. He also touches on how managing risks and effectively appropriating security resources can pay off for enterprises.

10. Register for the Webinar ‘Mobile Payments: Protecting Apps and Data From Emerging Risks’

Mobile payment systems are becoming more prevalent, and users are constantly on the lookout for programs that are fast, efficient and secure. While they want their private information protected from cybercriminals, they don’t want to sacrifice user experience. So how do organizations balance these needs without leaving vulnerabilities exposed?

In this webinar, sponsored by the Financial Services Information Sharing and Analysis Center, IBM and Arxan explore how you can protect sensitive data while implementing mobile payment technology and preserving your overall customer experience.

Want to Learn Even More?

For even more information on application security, read the latest Security Intelligence posts on the topic or register for upcoming webinars.

More from Application Security

Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours

‘Patch Tuesday, Exploit Wednesday’ is an old hacker adage that refers to the weaponization of vulnerabilities the day after monthly security patches become publicly available. As security improves and exploit mitigations become more sophisticated, the amount of research and development required to craft a weaponized exploit has increased. This is especially relevant for memory corruption vulnerabilities.Figure 1 — Exploitation timelineHowever, with the addition of new features (and memory-unsafe C code) in the Windows 11 kernel, ripe new attack surfaces can…

Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023

Deployment of backdoors was the number one action on objective taken by threat actors last year, according to the 2023 IBM Security X-Force Threat Intelligence Index — a comprehensive analysis of our research data collected throughout the year. Backdoor access is now among the hottest commodities on the dark web and can sell for thousands of dollars, compared to credit card data — which can go for as low as $10. On the dark web — a veritable eBay for…

Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers

Overview In this post, IBM Security X-Force Red offensive hackers analyze how attackers, with elevated privileges, can use their access to stage Windows Kernel post-exploitation capabilities. Over the last few years, public accounts have increasingly shown that less sophisticated attackers are using this technique to achieve their objectives. It is therefore important that we put a spotlight on this capability and learn more about its potential impact. Specifically, in this post, we will evaluate how Kernel post-exploitation can be used…

Detecting the Undetected: The Risk to Your Info

IBM’s Advanced Threat Detection and Response Team (ATDR) has seen an increase in the malware family known as information stealers in the wild over the past year. Info stealers are malware with the capability of scanning for and exfiltrating data and credentials from your device. When executed, they begin scanning for and copying various directories that usually contain some sort of sensitive information or credentials including web and login data from Chrome, Firefox, and Microsoft Edge. In other instances, they…