Checkmarx Acquires Custodela to Bring Enhanced Automation to DevSecOps Programs!

Tag: software security

AppSec Is Dead But Software Security is Alive & Well

AppSec Is Dead, but Software Security Is Alive & Well

Everyone agrees that an enterprise’s application ecosystem must be protected, especially when data breaches are reported with alarming frequency and the average total cost of a breach comes in at $3.62 million. However, defeating increasingly severe threats requires a holistic approach to security, one that places an emphasis on managing not only application vulnerabilities but all

Read More ›

Managing Software Security 10 Essential Best Practices [Infographic]

Managing Software Security: 10 Essential Best Practices [Infographic]

Is your software security program up to the challenges of a rapidly accelerating software delivery environment? Most aren’t – and it’s challenging to both identify the problems and determine the best ways to manage software security in a DevOps environment. Learn some of the essential best practices for managing software security now. Educate Your Team

Read More ›

Why Security and DevOps Desperately Need Couples Counseling

Why Security and DevOps Desperately Need Couples Counseling

While at the 2018 Black Hat Conference in Las Vegas I asked attendees point blank if they think that security and DevOps should be in couples counseling. The universal response was a laugh and then a resounding, “Yes.” The reason couples go to couples counseling is because they’re not getting along. They’re not communicating. Usually, only

Read More ›

Checkmarx Report: Tackling Software Exposure in the DevOps Cycle

Today, in an effort to better understand the evolving nature of software delivery and the role security plays, we released a new report, “Managing Software Exposure: Time to Fully Embed Security into Your Application Lifecycle,”which we commissioned with FreeForm Dynamics in coordination with The Register. The report aggregates input from 183 respondents worldwide, the majority

Read More ›

20 Ways to Make Application Security Move at the Speed of DevOps

20 Ways to Make Application Security Move at the Speed of DevOps

Security has been getting a bad rap. For far too long the perceived “inhibitors” have been sidestepped by DevOps in an effort to increase productivity. As Ryan Davidsen, vp, worldwide security solutions, Secureworks, noted, “Traditional approaches for integrating security oversight with application development aren’t keeping pace with the speed required by today’s DevOps teams.” But

Read More ›

Software Security Testing

Who Needs Software Security, Anyway?

In recent years, the advent of mobile and cloud computing revolution has brought to light a serious issue affecting both organizations and individuals: software security. Every day, there’s a new story we hear about some website or application being penetrated, releasing sensitive information that is sold, abused, and exploited. As a consequence, companies lose their credibility (along with

Read More ›

All You Need to Know About Shellshock & What You Can Do About It

So, what happens when a core component of Mac, Linux and other Unix-based operating systems is found to be highly vulnerable and easily exploitable?  Last week, we found out: On September 24th, the world was first introduced to a family of bugs in the Bash shell, being referred to both as ‘Shellshock’ and ‘Bashdoor’. Here’s

Read More ›

3 Key Benefits of Automating Your Source Code Review

Automation has taken the business world by storm. We automate everything, from marketing to manufacturing and everything in between, and it often pays off: greater ROIs, higher productivity, less overworked employees. In application security, the same can be true. As web applications have become the essence of business in almost every industry, the risks have

Read More ›

Jump to Category