Application Security AwarenessApplication Security VulnerabilitiesOpen Source AnalysisOpen Source Securityopen source security testingsoftware exposure The Open Source Cookbook: Prepping Your Kitchen Oct 10, 2019 by Steven Zimmerman Over the course of this adventure into the culinary world of software development, we have drawn comparisons between open source software and cookie recipes, and equated open source risks to spoiled ingredients. When cooking, it’s imperative that we prep our kitchen properly, stocking the tools and equipment, getting our timing and steps in order, soliciting Read More › Application Security AwarenessApplication Security VulnerabilitiesOpen Source AnalysisOpen Source Securityopen source security testingsoftware exposure
Application Security AwarenessApplication Security VulnerabilitiesMobile App SecurityOWASP 2016 Mobile Top 10software exposuresoftware security Kotlin Guide: Why We Need Mobile Application Secure Coding Practices Oct 3, 2019 by Stephen Gates October is the annual National Cybersecurity Awareness Month (NCSAM), which is promoted by the U.S. Department of Homeland Security and the National Initiative for Cybersecurity Careers and Studies (NICCS). According to the NICCS, “Held every October, NCSAM is a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to Read More › Application Security AwarenessApplication Security VulnerabilitiesMobile App SecurityOWASP 2016 Mobile Top 10software exposuresoftware security
Application Security AwarenessApplication Security Vulnerabilitiessoftware exposuresoftware securitysoftware security program Becoming Optimus Prime Within Your AppSec Initiatives Sep 30, 2019 by Liron Golan When I was a child, I didn’t dream of becoming a legendary football player or a rock star. My dream was to become a Transformer: specifically Optimus Prime. I am sure some of you in the audience shared the same dream. As you can probably guess, unfortunately, this dream did not come true. But what Read More › Application Security AwarenessApplication Security Vulnerabilitiessoftware exposuresoftware securitysoftware security program
Application Security AwarenessApplication Security VulnerabilitiesOpen Source AnalysisOpen Source ComponentsOpen Source SecuritySoftware Composition Analysis The Open Source Cookbook: Understanding Your Software Ingredients Sep 24, 2019 by Steven Zimmerman As I introduced in my last article, where we explored the variance among open source components, distros, and forks, open source software and modern application development can be equated to baking. This analogy allows us to explore potentially complex topics through the more familiar lens of one’s unique take on popular recipes. This time, I’d Read More › Application Security AwarenessApplication Security VulnerabilitiesOpen Source AnalysisOpen Source ComponentsOpen Source SecuritySoftware Composition Analysis
APIAPI SecurityApplication Security AwarenessApplication Security VulnerabilitiesappsecOWASP API Security ProjectSecure Application Development Why you need to be thinking about API Security Sep 13, 2019 by Erez Yalon As cyber attackers continue to take advantage of vulnerable people, processes, and technology, they are now expanding their operations beyond “traditional” targets. It seems that nothing is outside of their jurisdiction and no one is 100 percent safe from their malicious campaigns. Although organizations are making strides in the right direction to protect themselves, as Read More › APIAPI SecurityApplication Security AwarenessApplication Security VulnerabilitiesappsecOWASP API Security ProjectSecure Application Development
Application Security Vulnerabilitiesappsec awareness programAppSec education programCodebashingSecure Coding Educationsecure coding practices AppSec Training – Necessary, but not sufficient Sep 11, 2019 by Dana Raveh It’s no secret that the earlier you discover security bugs in the software development life cycle (SDLC), the more time, money, and resources you will save. While making use of “reactive” security testing tools such as SAST and IAST is necessary to prevent vulnerabilities from entering production, a proactive approach that eliminates the introduction of Read More › Application Security Vulnerabilitiesappsec awareness programAppSec education programCodebashingSecure Coding Educationsecure coding practices
Application Security VulnerabilitiesAppSec VillageBlack Hat USABlack UnicornDEF CON 27 Why Software Security and DevOps Were the Talk of the Town at Black Hat and DEF CON 2019 Aug 16, 2019 by Stephen Gates In the wake of Black Hat 2019 and DEF CON 27, there is no doubt that the cybersecurity industry is growing beyond anyone’s expectations. The sheer number of sponsors and attendees who descended upon Las Vegas last week from all parts of the world ranged in the tens of thousands, with this number continuing to Read More › Application Security VulnerabilitiesAppSec VillageBlack Hat USABlack UnicornDEF CON 27
Application security trainingIntegrated SCESecure Coding EducationSecurity VulnerabilitiesTraining ExposureVulnerable Apps Training Exposure: Addressing Secure Coding Education in Your Software Security Program Aug 15, 2019 by Stephen Gates According to the Verizon 2019 Data Breach Investigation Report, 69 percent of the data breaches investigated by Verizon were perpetrated by outsiders, 63 percent were the result of attackers targeting server assets, and nearly 70 percent of breach incidents were caused by attackers targeting vulnerable web applications. Undoubtedly, there is a substantial connection between vulnerable Read More › Application security trainingIntegrated SCESecure Coding EducationSecurity VulnerabilitiesTraining ExposureVulnerable Apps
Checkmarx Security Research TeamIoTMan in the MiddleMobile App SecuritySecurity VulnerabilitiesVulnerable Appsvulnerable IoT objects LeapFrog LeapPad Ultimate Security Vulnerabilities Aug 7, 2019 by David Sopas Protecting our children from the dangers on the internet is something all parents strive for and struggle with. When you find a toy that you think is safe, and will educate and entertain your child, you buy it. Right? That’s why parents bought and continue to buy LeapFrog’s LeapPad Ultimate. The Checkmarx Security Research Team Read More › Checkmarx Security Research TeamIoTMan in the MiddleMobile App SecuritySecurity VulnerabilitiesVulnerable Appsvulnerable IoT objects
Application SecurityApplication Security TestingAppSec TestingDevelopersDevOpsSecure CodingSecurity Vulnerabilities Adoption Exposure: Your Software Security Needs Integration and Automation Jul 30, 2019 by Stephen Gates There are many software security solutions available today designed to provide insight into important security issues found during software development. As organizations begin moving forward with DevOps initiatives, are their current Application Security Testing (AST) solutions doing the work they need them to accomplish? If you haven’t integrated AST automatically into your vulnerability detection, triage, Read More › Application SecurityApplication Security TestingAppSec TestingDevelopersDevOpsSecure CodingSecurity Vulnerabilities