CI/CDDASTDevOpsDevSecOpsIASTSAST What the heck is IAST? May 21, 2019 by Dana Raveh The application security testing (AST) world is made up of different solutions, all with one ultimate goal – to protect software from hackers, and their attacks. SAST and DAST are perhaps the two most common and well-known solutions. In the last few years, a newcomer has gradually received more-and-more attention – IAST. So what is Read More › CI/CDDASTDevOpsDevSecOpsIASTSAST
continuous integrationDevOpsDevSecOpsIASTSAST SAST & IAST – The Power Couple in the DevSecOps Era May 8, 2019 by Dana Raveh DevSecOps has become one of the hottest buzzwords in the DevOps and security ecosystem over the past couple of years. But what is it, and how do you turn it into reality? DevSecOps executes on the belief that security and development teams are jointly responsible for bolstering security – essentially bringing development and operations Read More › continuous integrationDevOpsDevSecOpsIASTSAST
CIOCISODevOpsDevSecOpsOpen SAMMOWASPSAMMSecure SDLCsecurity maturitySoftware Assurance Maturity ModelsSDLC Learn How You Can Get a Running Start with DevSecOps Feb 18, 2019 by Matthew Rose DevOps is an evolving philosophy, and now is the time–just as you start embracing DevOps in your organization–to start building security into both your DevOps philosophy and processes. DevOps philosophy started with the core principles of W. Edwards Deming’s points on Quality Management, binding the development of services and their delivery to IT Operations. As Read More › CIOCISODevOpsDevSecOpsOpen SAMMOWASPSAMMSecure SDLCsecurity maturitySoftware Assurance Maturity ModelsSDLC
AISA Australian Cyber ConferenceBitKom Hub BerlinBlack Hat USABSides Las VegasBSides VancouverCISO AfricaDefCon 27DeveloperWeekDevelopmentDevOpsDevOps ConferencesDevSecCon LondonDevSecCon SingaporeGartner Security & Risk Management SummitHouSecConInfosecurity EuropeIT Security Expo and CongressIT-SALes AssisesNullcon X ConferenceRencontres De La SecuriteRSA ConferenceRSA Conference APJsoftware securityTop 100 CISO Awards & Annual Summit Your 2019 Essential Software Security, Development, & DevOps Conferences Feb 1, 2019 by Haidee LeClair “DevOps” encompasses a wide range of topics – throw security in there and you’ve added even more. This roundup includes events throughout the year and around the globe, from small events to community conferences and up. Whether you’re passionate about software security, ethical hacking, software development, cloud security, or DevOps, there’s something on this list Read More › AISA Australian Cyber ConferenceBitKom Hub BerlinBlack Hat USABSides Las VegasBSides VancouverCISO AfricaDefCon 27DeveloperWeekDevelopmentDevOpsDevOps ConferencesDevSecCon LondonDevSecCon SingaporeGartner Security & Risk Management SummitHouSecConInfosecurity EuropeIT Security Expo and CongressIT-SALes AssisesNullcon X ConferenceRencontres De La SecuriteRSA ConferenceRSA Conference APJsoftware securityTop 100 CISO Awards & Annual Summit
agile developmentApplication Security TestingDeveloper EducationDevOpsDevOps cultureDevSecOpsGartner Magic Quadrantsecurity Shifting to DevSecOps, with Software Security Testing Built In Jan 15, 2019 by Matthew Rose Many organizations today are in the process of transitioning to a DevOps-centric approach, but don’t want to leave security behind. In order to build security in from the beginning of their software development process, it’s essential to enhance your security posture by integrating application security testing solutions into the software development life cycle at your Read More › agile developmentApplication Security TestingDeveloper EducationDevOpsDevOps cultureDevSecOpsGartner Magic Quadrantsecurity
Application Securityartificial intelligencecloudDevOpsDevSecOpsIoTmicroservicesmobilesoftware exposuresoftware security AppSec Is Dead, but Software Security Is Alive & Well Dec 4, 2018 by Matthew Rose Everyone agrees that an enterprise’s application ecosystem must be protected, especially when data breaches are reported with alarming frequency and the average total cost of a breach comes in at $3.62 million. However, defeating increasingly severe threats requires a holistic approach to security, one that places an emphasis on managing not only application vulnerabilities but all Read More › Application Securityartificial intelligencecloudDevOpsDevSecOpsIoTmicroservicesmobilesoftware exposuresoftware security
application security toolsBest practicesDeveloper EducationDevOpskey threatsopen source security testingsoftware securitysoftware security program Managing Software Security: 10 Essential Best Practices [Infographic] Nov 7, 2018 by Haidee LeClair Is your software security program up to the challenges of a rapidly accelerating software delivery environment? Most aren’t – and it’s challenging to both identify the problems and determine the best ways to manage software security in a DevOps environment. Learn some of the essential best practices for managing software security now. Educate Your Team Read More › application security toolsBest practicesDeveloper EducationDevOpskey threatsopen source security testingsoftware securitysoftware security program
Best practicesDevOpsDevOps toolsDevOps workflowssecurity trainingssoftware security program Learn 10 Key Tips to Make Your Software Security Program Thrive Oct 11, 2018 by Liora R. Herman The DevOps era brings together skyrocketing complexity with white-hot speed of delivery to create growing value and responsiveness in software design. Companies such as Amazon deploy code every 11 seconds, while Facebook executes 50,000 builds each day. With so much complexity and speed, the risk of security vulnerabilities slipping through the cracks is magnified intensely. Read More › Best practicesDevOpsDevOps toolsDevOps workflowssecurity trainingssoftware security program
Application SecurityDevOpssoftware security Why Security and DevOps Desperately Need Couples Counseling Aug 26, 2018 by David Spark While at the 2018 Black Hat Conference in Las Vegas I asked attendees point blank if they think that security and DevOps should be in couples counseling. The universal response was a laugh and then a resounding, “Yes.” The reason couples go to couples counseling is because they’re not getting along. They’re not communicating. Usually, only Read More › Application SecurityDevOpssoftware security
Application SecurityDevOpssoftware exposuresoftware security Checkmarx Report: Tackling Software Exposure in the DevOps Cycle Aug 7, 2018 by Maty Siman Today, in an effort to better understand the evolving nature of software delivery and the role security plays, we released a new report, “Managing Software Exposure: Time to Fully Embed Security into Your Application Lifecycle,”which we commissioned with FreeForm Dynamics in coordination with The Register. The report aggregates input from 183 respondents worldwide, the majority Read More › Application SecurityDevOpssoftware exposuresoftware security