Tag: Application Security

open-source-static-code-analysis-security-tools

The Ultimate List of Open Source Static Code Analysis Security Tools

Doing security the right way demands an army – of developers, security teams, and the tools that each uses to help create and maintain secure code.   With the increasingly important mindset of creating quality, secure code from the start, we’ve seen a greater shift towards the adoption of tools designed to detect flaws as

Read More »

21 AppSec & Security Gurus You Should Be Following On Twitter

 Are you an AppSec Tweeter?    Whether you’re a newbie or an old-timer in the world of application security, Twitter is a great place to listen in and connect with some of the best and brightest in the industry. To help, we’ve compiled a list of some of our favorite tweeters to add to your own

Read More »

Ensuring your developers love – or at least don’t hate – security

This post originally appeared on SCMagazine.com.  By Maty Siman, Checkmarx Founder & CTO When it comes to an organization’s software security, there’s been a chronic disconnect between the developers who write and build the code and the security teams who audit and enforce the code’s security. This divide historically arose from common misunderstandings: programmers believe that

Read More »

3 Key Benefits of Automating Your Source Code Review

Automation has taken the business world by storm. We automate everything, from marketing to manufacturing and everything in between, and it often pays off: greater ROIs, higher productivity, less overworked employees. In application security, the same can be true. As web applications have become the essence of business in almost every industry, the risks have

Read More »

Google Turns Deaf Ear to Speech Recognition Exploit in Chrome

Each new technology seems to emerge together with exploitable baggage. Speech recognition, for example, is being used in rising technologies from Siri to smart homes and is evolving quickly. While speech recognition has the potential to make life much easier and quicker, like any technology it comes with flaws. In this case, a Chrome browser exploit

Read More »

Preparing the Cyber-Cops of Tomorrow: Interview with Giovanni Vigna

Each year, hundreds of hackers gather in computer labs around the world. Their goal? Like any other hackers, their goal is to manually exploit application and network level flaws in servers across the globe. If it sounds malicious, it’s just because it mimics real world vulnerability exploitations that happen every day. In fact, this specific

Read More »

This Week in AppSec: December 23–29, 2013

Christmas week did not exactly bring out the best in some this year – especially when it came to breaches and vulnerabilities. Between Target’s mess of 40M customer records breached, Snapchat’s security fail, Samsung’s vulnerability and Dogecoin’s first hack on Christmas Day, the last full week of 2013 was not Application Security’s best. Let’s take

Read More »

Jump to Category