Software applications are integral components of an organization's success. Unfortunately, while applications are built to support faster growth and an enhanced user experience, they are also prone to security incidents in the absence of appropriate security mechanisms. Knowing the basics of application security has never been so relevant.
Therefore, over the years UBS has adopted a Secure SDLC model, with the practices and tools needed to ensure that inherent application vulnerabilities cannot be exploited through common attack vectors. Below are a few examples of security initiatives taken by UBS over the years.
Transport Layer Security (TLS), the successor to Secure Sockets Layer (SSL), is an encryption protocol intended to keep data secure while it is transferred over a network. TLS 1.2 is more secure than the previous cryptographic protocols, namely SSL 2.0, SSL 3.0, TLS 1.0, and TLS 1.1, so data transferred across the network with TLS 1.2 is better protected.
The HTTP Strict-Transport-Security response header (often abbreviated as HSTS) informs browsers that the site should only be accessed using HTTPS, and that any future attempt to access it using HTTP should automatically be converted to HTTPS. If a website accepts a connection through HTTP and then redirects to HTTPS, visitors may initially communicate with the non-encrypted version of the site before being redirected. This creates an opportunity for a man-in-the-middle attack: the redirect could be tampered with to direct visitors to a malicious site instead of the secure version of the original site. With HSTS in place, the browser never loads the site over HTTP and instead rewrites every HTTP attempt to an HTTPS request before it leaves the browser.
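The difference between a site that only redirects and one that also sends HSTS can be checked from the response headers. The following is an added example, not code from UBS or the original page: it parses a Strict-Transport-Security value and reports findings over constructed sample responses (the hostnames, header values and the one-year minimum are assumptions for illustration).

```python
from typing import Dict, List, Union

Directives = Dict[str, Union[str, bool]]
MIN_MAX_AGE = 31536000  # one year; the value commonly recommended for HSTS

# Constructed sample responses (not real traffic). "scheme" is how the client
# reached the server, since browsers only honour HSTS on HTTPS responses.
REDIRECT_ONLY = {"scheme": "https", "headers": {"Location": "https://example.test/"}}
HSTS_ON_HTTP = {"scheme": "http",
                "headers": {"Strict-Transport-Security": "max-age=31536000"}}
HSTS_OK = {"scheme": "https",
           "headers": {"Strict-Transport-Security":
                       "max-age=31536000; includeSubDomains; preload"}}

def parse_hsts(value: str) -> Directives:
    """Split an HSTS header value into directives; names are case-insensitive,
    and valueless directives (includeSubDomains, preload) map to True."""
    directives: Directives = {}
    for part in value.split(";"):
        part = part.strip()
        if part:
            name, _, val = part.partition("=")
            directives[name.strip().lower()] = val.strip().strip('"') or True
    return directives

def evaluate_hsts(response: dict) -> List[str]:
    """Return findings for one response; an empty list means the policy
    passes the minimum checks (header present, long max-age, subdomains)."""
    findings: List[str] = []
    headers = {k.lower(): v for k, v in response["headers"].items()}
    if "strict-transport-security" not in headers:
        return ["no HSTS header: a redirect alone still leaves the first HTTP request exposed"]
    if response["scheme"] != "https":
        findings.append("HSTS sent over plain HTTP is ignored by browsers")
    d = parse_hsts(headers["strict-transport-security"])
    max_age = d.get("max-age")
    if not isinstance(max_age, str) or not max_age.isdigit():
        findings.append("max-age missing or not an integer")
    elif int(max_age) == 0:
        findings.append("max-age=0 removes the policy instead of enforcing it")
    elif int(max_age) < MIN_MAX_AGE:
        findings.append(f"max-age {max_age}s is below the recommended {MIN_MAX_AGE}s")
    if "includesubdomains" not in d:
        findings.append("includeSubDomains absent: subdomains may still be loaded over HTTP")
    return findings
```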
CrowdStrike has redefined security with the world’s most advanced cloud-native platform that protects and enables the people, processes and technologies that drive modern enterprise. CrowdStrike secures the most critical areas of enterprise risk – endpoints and cloud workloads, identity, and data – to keep customers ahead of today’s adversaries and stop breaches. Powered by the CrowdStrike Security Cloud, the CrowdStrike Falcon Platform leverages real-time indicators of attack, threat intelligence on evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities – all through a single, lightweight agent. With CrowdStrike, customers benefit from superior protection, better performance, reduced complexity and immediate time-to-value.
Organizations of all sizes generate and manage massive amounts of data, much of it mission critical. The impact of corruption or data loss from human error, hardware failure, malware, or hacking can be substantial. Therefore, it is essential to create a disaster recovery plan for the restoration of business data from a backup image. RPO (Recovery Point Objective) and RTO (Recovery Time Objective) are two important aspects of IT resilience planning. A Recovery Point Objective (RPO) is the maximum targeted period during which transactional data is lost from an IT service due to a major incident. The Recovery Time Objective (RTO) is the targeted duration of time and service level within which a business process must be restored after a disaster (or disruption). UBS periodically performs DR drills with a twofold objective: to verify that backups are in a recoverable state, and to reassess the RPO and RTO parameters.
Data breaches, hacks, cyber attacks and identity theft have all been in the news. While threat actors continue to come up with new methods to steal information and gain access to systems, there are some simple preventative measures that help stop them. Keeping your software on the latest version is one such layer of protection. Here are some reasons to apply software updates as soon as possible.
Netsparker is an industry-leading web application security solution that automatically scans custom web applications for Cross-Site Scripting (XSS), SQL Injection, and other types of vulnerabilities. It features unique Proof-Based Scanning technology that automatically and safely exploits vulnerabilities and generates a proof of exploit to prove that they are not false positives.
Common Vulnerabilities and Exposures (CVE) is a list of publicly disclosed computer security flaws. UBS has been quick to respond and very proactive in remediating CVEs such as those affecting log4j and WSO2.
With ongoing improvements to the R2 platform, sometimes that means retiring functionality that is outdated or that provides low value to a limited number of customers. There are several motivations for why we deprecate features: