Web application security fundamentals (IBM Website)

With the emergence of Web 2.0, increased information sharing through social networking and increasing business adoption of the Web as a means of doing business and delivering service, websites are often attacked directly. Hackers either seek to compromise the corporate network or the end-users accessing the website by subjecting them to drive-by downloading.
As a result, industry is paying increased attention to the security of the web applications themselves in addition to the security of the underlying computer network and operating systems.

IBM InfoSphere Guardium

In this article, you will learn how InfoSphere® Guardium® provides database activity monitoring and auditing capabilities that enable you to seamlessly integrate Hadoop data protection into your existing enterprise data security strategy. You will learn how to configure the system and to use InfoSphere Guardium security policies and reports tailored specifically for Hadoop environments, including IBM InfoSphere BigInsights, Cloudera, Hortonworks Data Platform, and Greenplum Hadoop..

IBM Security AppScan Standard

With the explosive growth in the mobile ecosystem, mobile application security is a huge concern. New mobile application designs require new ways of testing to ensure data safety. In this article, explore different aspects of mobile application security. With hands-on examples, learn to use IBM® Security AppScan® Standard with mobile user agents and with emulators and actual devices for Android and iOS.

The links to the IBM information article is below

Intel Federal Application Security

Building on Intel's deep experience with large-scale government deployments, Intel® Expressway Service Gateway has been engineered to take advantage of Intel hardware optimizations to deliver best in class performance and hardened, high-assurance security to improve Federal Application Security
The Intel website containing the video is below

Intel Application Security

For application security today, the recommended solution is to approach security as its own dedicated layer. In other words, in addition to the traditional 3-tier architecture of presentation, domain and data, we add a fourth layer, the application security layer. If you are writing a 2-tier native mobile application the security layer sits in front of the API gateway and data tier. Similar to TCP/IP, channels of communication from the security layer downward are trusted.

Intel® EP80579 Software for Security Applications: API Manual

Application security encompasses measures taken throughout the code's life-cycle to prevent gaps in the security policy of an application or the underlying system (vulnerabilities) through flaws in the design, development, deployment, upgrade, or maintenance of the application. Applications only control the mind of resources granted to them, and not which resources are granted to them. They, in turn, determine the use of these resources by users of the application through application security.

Software Pattern Matching Solution for Security Applications (Intel Website)

HyperScan is a high-performance Regular Expression (Regex) pattern matching library that enables security applications to scale their deep packet inspection (DPI) performance linearly to up to 160 Gbps. It delivers rich, content scanning functionality that allows equipment developers to dramatically increase performance in a variety of applications: intrusion prevention (IPS), firewall, anti-spam, anti-virus (AV), deep packet inspection (DPI), unified threat management (UTM), and web/email content filtering.

Fundamentals of Application Security

According to the Ponemon Institute, 73 per cent of organisations have been hacked at least once in the past two years through insecure web applications resulting in customer data exposure or downtime of critical systems. It is critical that organisations understand and address these new risks to protect themselves against significant financial and reputational damage. The application security awareness e-learning course was designed with the intent to present programmers with the fundamental concepts in application security.