Posts by Denim Group Team

Case Study: UFC – Defense in Depth

Denim Group Boosts Security and Availability of UFC®’s Critical Applications Denim Group helps UFC® keep a sports and entertainment heavyweight on top of rapid, global expansion Background Based in Las Vegas, Nevada, Zuffa, LLC is the parent company of the popular UFC® mixed martial arts (MMA) organization. UFC’s rapid growth as a sports and entertainment venture […]

Post: The Internet of Things (IoT) Changes Security

A few years ago, when you thought of all the devices connected on your home network, a desktop, a laptop and maybe an iPod or one of the first smartphones would be on the top of your list. Before advances in Wi-Fi, you could easily create a simple diagram of your home network and the […]

Case Study: Fortune 500 Title Insurance Company

Key Business Challenge The Chief Information Security Officer (CISO) of a Fortune 500 title insurance company wanted to measure the security state of the organization’s application portfolio and determine how best to improve the security of these business-critical systems. Background This title insurance company managed a portfolio of web-facing applications that provide a variety of […]

Post: For Mobile Application Security, What Sort of Protection Do App Stores Provide?

iOS (iPhone/iPad) Non-jailbroken iOS devices can only install applications from the official Apple iTunes App Store. The App Store has an application approval process whose methods are not publicly disclosed, but that does not appear to do meaningful security checking of applications. Instead applications are checked for the use of undocumented APIs or other violations. […]

Post: Why is Mobile Application Security Important?

As more organizations explore ways to push functionality to mobile devices, there is a desire to move an increasing amount of sensitive data onto the device. In addition, there is a push to have more sensitive calculations performed on devices. With the dramatic increase in the number of devices, their technical capabilities, and their use […]

Post: What is Code Signing?

Code signing is the process of attaching a digital signature to application binaries. Cryptographic functions are used to identify a specific application binary and associate that binary with a specific developer or organization. This allows other systems to understand several things about an application: The source of the application based on who signed the application […]