AppSec Tips
& Best Practices

Learn from AppSec success stories and discover tips and best
practices for Developers, CISOs and Security Managers to help
in securing every part of the SDLC.

5 Steps That WILL Raise Your Developers Information Security Awareness

In the same post where Bruce Schneier famously said that he personally believes “that training users in security is generally a waste of time, and that the money can be better spent elsewhere,” he added an important caveat about training developers. Developers, he wrote, “are people who can be taught expertise in a fast-changing environment, and

8 Problems Every Application Security Program Leader Has To Tackle

Despite the astounding rise in cybercrime and hacking incidents worldwide, the modern Application Security Program Leader faces numerous bumps and obstacles on a daily basis within his organization. Application security has come a long way in the last decade, but the inherited limitations of the traditional solutions are not making life easy.

Security and DevOps: How To Get Started

The Rise of DevOps: The methods we use to develop software have gone through radical transformations over the last five years. “Slow and steady” has evolved into quick and agile methodologies like DevOps. Based on disrupting the silos between Developers and Operations, DevOps embraces the idea of a shared culture of trust, collaboration

SAST vs WAF - 5 Reasons To Opt For SAST

With the industrialization of cybercrime and rise in hacking severity, the value of traditional application security techniques is imploding. The Web Application Firewall (WAF), considered as a go-to security solution until not long ago, is currently experiencing a constant erosion in its effectiveness. On the other hand, Static Application Security Testing (SAST) solutions are gaining momentum.

Proactive AppSec

The Ten Commandments of Proactive Application Security

When you’re constantly reacting to suspicious alerts and fixing vulnerabilities only after they’ve been exploited, you’re missing the point of application security. Application security, according to Wikipedia, “encompasses the measures taken throughout the code’s life-cycle to prevent gaps in the security policy of an application or the underlying vulnerabilities… of the application.” The practice

Application Security Metrics: Where (And Why) To Begin?

A wise man once said, “to measure is to know…if you cannot measure it, you cannot improve it.” When it comes to application security, measurements are crucial to the success of your program. But determining how to best combine your measurements into metrics which show your program’s value is much more important. As a CISO

6 Tips for Ensuring Your Application Security Program Isn’t a Flop

Baking security into our applications is just not an option anymore. The explosion of the number of applications within organizations, coupled with the constant breaches we hear about (and the many more we don’t) don’t allow room for complacency when it comes to securing your organization and customer data. Yet CISOs and security managers

XSS: The Definitive Guide to Cross-Site Scripting Prevention

As old as web browsers themselves, cross-site scripting (XSS) has been an ongoing issue in the security world. Its consistent appearance on the OWASP Top 10 and in news reports of cross-site scripting attacks has kept the security issue in the spotlight over the years. Yet after two decades the security issue remains one of the

3 Things to Know About Managing Open Source Components in Your App

Manage your software where it’s created. It is in your continuous integration environment where the various pieces of code become software. While some of the software is proprietary, much of it (probably over 50%) is open source components, as your development teams use open source components to boost their productivity and make better products. You most
