Best practicesDevOpsDevOps toolsDevOps workflowssecurity trainingssoftware security program Learn 10 Key Tips to Make Your Software Security Program Thrive Oct 11, 2018 by Liora R. Herman The DevOps era brings together skyrocketing complexity with white-hot speed of delivery to create growing value and responsiveness in software design. Companies such as Amazon deploy code every 11 seconds, while Facebook executes 50,000 builds each day. With so much complexity and speed, the risk of security vulnerabilities slipping through the cracks is magnified intensely. Read More › Best practicesDevOpsDevOps toolsDevOps workflowssecurity trainingssoftware security program
Application SecurityOWASP Top 5 OWASP Resources No Developer Should Be Without Jan 9, 2018 by Sarah Vonnegut Writing secure code is now a must for developers. The rising number of attacks on organizations big and small and the fallout for companies who’ve been breached are growing. As such, security is finally moving out of the periphery to become a mainstay for business continuity. Read More › Application SecurityOWASP
Application SecurityOWASP A Closer Look: OWASP Top 10 2017 – Application Security Risks Dec 3, 2017 by Arden Rubens Open Web Application Security Project (OWASP) is an organization filled with security experts from around the world who provide information about applications and the risks posed, in the most direct, neutral, and practical way. Since 2003, OWASP has been releasing the OWASP Top 10 list every three/four years. The list consists of the top biggest Application Security Read More › Application SecurityOWASP
Continuous Security Testing for Microservices Oct 18, 2017 by Dafna Zahger Being a part of today’s tech-industry, you probably notice all winds blowing towards the implementation of DevOps and CI\CD methodologies, and rightfully so. Today’s software developers face an ever growing need for speedy development-to-production cycles with uncompromising security and reliability. One way of facing the speed versus quality challenge is the introduction of microservices. Read More ›
Application SecurityXSS 3 Ways to Prevent XSS Oct 9, 2017 by Sarah Vonnegut When we discuss vulnerabilities in applications, there are different categories that we come across. Some vulnerabilities are extremely common yet allow for little or no damage should an attacker discover and exploit them, while others are incredibly rare but can have major, lasting impact on the organizations behind the attacked application. Then, there’s the third Read More › Application SecurityXSS
Agile Software DevelopmentAgile Software EnvironmentApplication SecurityAutomated TestingIASTInteractive Application Security Testing Why You Need Automated Security in an Agile Software Environment Sep 25, 2017 by Sarah Vonnegut Today’s business cycles require faster and more innovative results more than ever before in order to stay competitive. As organizations speed up their time to market, they are realizing the waterfall methodology is no longer working. Now they are creating and adopting rapid application development methodologies. One of those methodologies, agile software development is arguably Read More › Agile Software DevelopmentAgile Software EnvironmentApplication SecurityAutomated TestingIASTInteractive Application Security Testing
Secure Coding A Closer Look: Securing with Jenkins Aug 28, 2017 by Arden Rubens Acclaimed by the DevOps world and best known as the leading open source automation server for continuous integration (CI) and continuous delivery (CD), Jenkins is a Java-based program designed to monitor a set of executions in a software environment. Jenkins allows developers to rapidly detect and resolve errors in the code base and boosts automated Read More › Secure Coding
PHP An In Depth Look: Top PHP Frameworks Aug 10, 2017 by Arden Rubens PHP is an open source scripting language designed for web development. When the language was first released in 1994, PHP stood for Personal Home Page. Today, PHP is referred to as a backronym – PHP, Hypertext Preprocessor. PHP is a dynamic language allowing developers run their code instantly, without having to compile it first. Read More › PHP
Application Security AppSec Metrics That Matter Jul 11, 2017 by Sarah Vonnegut Metrics matter. Metrics are important because they tell you, stakeholders and budget planners how well you’re meeting your set goals. Metrics ensure that your program has visibility and is the only way to effectively communicate the value of your application security program. If you simply go through the AppSec motions of scanning and fixing, Read More › Application Security
Application SecurityCyber Security How to Raise Cybersecurity Awareness at all Levels of Your Organization Jun 15, 2017 by Sarah Vonnegut We’ve said it once and we’ll say it again: an organization is only as secure as its weakest link. Most, if not all, of your employees are online and on their mobile devices in your workplace, whether you have a BYOD policy in place or not. Developers release software with millions of lines of code, Read More › Application SecurityCyber Security