Applications have become as complex as ever, and with the constant evolution and advancement of applications, cyber threats have become of the biggest risks that organizations today face – and as most of the past cyber attacks on organizations teach us, those risks can be absolutely disastrous. Therefore, along with the increased business risks and
Tag: Secure SDLC
To start the discussion on why a Secure SDLC is more important now than ever, we need to take a look at the evolution in applications and how they’re being secured. Both applications and the way organizations are tasked with securing them have changed dramatically over the past few decades.
Penetration testing, more commonly called pentesting, is the practice of finding holes that could be exploited in an application, network or system with the goal of detecting security vulnerabilities that a hacker could use against it. Pentesting is used to detect three things: how the system reacts to an attack, which weak spots exist that
Faster, predictable releases, lower development costs, and a market constantly demanding new features and products have made the ecosystem ripe for the emergence of a new way of developing software. The development world responded to those demands, bringing the DevOps movement from unknown into the mainstream. Multiple releases a day would have been unheard of
Static code review, as a phrase, is actually a bit misleading. Static code review refers to two divergent methods of security testing: static code analyis and code review. These methods check code for flaws, security issues and quality concerns that, when combined, help developers ensure that their code is not only free from potential exploits
It’s 2016 – and yet, somehow, ‘easy-to-avoid’ vulnerabilities like SQL injection and XSS can be found on websites of government agencies, Global 500 companies, as well as in highly sensitive medical and financial applications developed and deployed around the world. Two decades of the same kinds of attacks and we still haven’t gotten secure application
As requirements for faster release cycles and applications packed with more features than ever keep organizations rushing to production, we can’t afford to skip a beat when it comes to security. Developers with all stages of security knowhow are being hired, and right beside giving developers a thorough education in secure coding is ensuring the