With organizational culture – and along with it processes and technology – evolving at a pace we’ve never experienced before, we can’t sit back and wait for the “DevOps fad” to fade away. It’s not a fad, it’s an evolved way of software development. And security cannot be the elephant in the room, the team
The demand for paying with mobile devices may have gotten off to a slow start, especially in the United States, but the next few years will see the mobile payment landscape explode – IDC estimates that by 2020 the global mobile payment market will be worth nearly $4 trillion. From paying bills and transferring
Security tools are becoming more and more popular throughout the world of tech and among security enthusiasts, and that should be something to celebrate. But, in reality, we still have a long way to go when it comes to the actual use of the tools. We’ve known for years about the major gap between
Penetration (Pen) Testing has long been the go-to tool for organizations looking to safeguard their applications. But the ever-evolving hacking techniques are exposing this aging solution’s shortcomings. The growing consensus in security circles is that applications need to be bolstered from the core – the source code. This is exactly where Static Analysis enters the picture, helping detect application
With the industrialization of cybercrime and the rise in hacking severity, the value of traditional application security techniques is imploding. The Web Application Firewall (WAF), considered a go-to security solution until not long ago, is currently experiencing a constant erosion in its effectiveness. On the other hand, Static Application Security Testing (SAST) solutions are gaining momentum.
The massive rise in the number of web and mobile applications in recent years has indirectly led to an inferno of cybercrime that aims to exploit application-layer vulnerabilities. Organizations have a wide range of security products at their disposal today, but they are often unable to decide between automated and manual application security testing. This
A wise man once said, “to measure is to know…if you cannot measure it, you cannot improve it.” When it comes to application security, measurements are crucial to the success of your program. But determining how to best combine your measurements into metrics which show your program’s value is much more important. As a CISO
Due to the growing demand for robust applications, the secure Software Development Life Cycle methodology is gaining momentum all over the world. Its effectiveness in combating vulnerabilities has made it mandatory in many organizations. The objective of this article is to introduce the user to the basics of the secure Software Development Life Cycle (also known
Organizations today are aware of the security risks they can be exposed to as a result of bad or wrong coding practices. However, while awareness is the first step, being able to act is a whole other ballgame. After witnessing more and more companies being hit by attacks based on well-known vulnerabilities, we sought to understand what’s holding organizations
In our global, digital world, data is king – and malicious attackers are constantly on the lookout for ways to conquer the throne. With a rapidly changing business landscape, the old, reactive approaches to security are no longer enough – if they ever were. Effective application security leaders are changing their tactics to keep up with the transformations.