In our security-conscious era, Web services have surprisingly escaped scrutiny. That's a strange lapse given how these services are supposed to form the underpinning of our information infrastructure.

WS-Security is the premier Web services standard that handles more complex authentication, confidentiality, and integrity for SOAP messages. It supports passwords, Kerberos, X.509 digital ...

If the blizzard of specifications related to Web services security has left you snow blind, you have plenty of company. WS-Security, from Microsoft, IBM, and VeriSign, deals with the protection ...

In their rush to implement Web services, some companies may be exposing themselves to new security risks that they may not fully understand, a security researcher said at the CanSecWest/core06 ...

Are Web services developers condemned to re-committing security oversights of the past? Hurwitz says it certainly seems so--if reliance on SSL encryption is any indication.

The Web Services Interoperability Organization (WS-I) announced on Tuesday publication of its WS-I Basic Security Profile 1.0 , serving as a guide for enabling secure, interoperable Web services.

The security device maker has announced its expansion from Web applications into Web services, in an effort to ride the wave of two popular trends.

Amid AWS re:Invent, cloud startups discussed Amazon Web Services security and how they're solving issues like misconfiguration and visibility.

Organizations increasingly relying on Amazon Web Services infrastructure need to assess the security controls and configuration of the critical connections to its application services or risk a ...

WS-Security [Web Services-Security specification] are not yet mature. … I think there will be less security than would be desirable in a lot of [vendors] solutions.

Its ExamineST Web services security tool provides vulnerability assessment to test for security problems with Web services at their development phase.