Application Security & Software Security Blog

What the 2021 OSSRA report tells us about the state of open source in commercial software

Open source vulnerabilities are on the rise according to the new OSSRA report. Get the latest information on open source security, compliance, and code quality risk.

Neil Daswani talks about his big breaches book and the BSIMM

Dr. Neil Daswani discusses the root causes of today’s breaches and how the BSIMM can help companies achieve the right security habits.

Penetration testing: A yearly physical for your applications

Regardless of your company’s maturity level, penetration testing should be conducted annually to understand the health of your applications.

Integrating fuzzing into DevSecOps

Fuzzing helps detect unknown vulnerabilities before software is released. Learn when and where to integrate and automate fuzz testing in your SDLC.

Don’t be the weak link in your customers’ supply chain security

To solve the supply chain security dilemma, producers must get back to security basics. Get best practices for securing your supply chain.

Medical device security in a pandemic world

The pandemic has put a lot of things on hold over the last year, but medical device security shouldn’t be one of them.

AppSec Decoded: What are organizations doing to manage open source vulnerabilities?

In this AppSec Decoded interview, we look at the top takeaways from the ‘DevSecOps Practices and Open Source Management in 2020’ report.

Synopsys CyRC named a CVE Numbering Authority

As a CVE Numbering Authority, Synopsys can assign CVE ID numbers and publish newly discovered vulnerabilities.

How to cyber security: Minimize risk and testing time with Intelligent Orchestration

Integrating AST tools into your CI/CD pipeline shouldn’t compromise your development velocity. Learn how Intelligent Orchestration can help.

Hacking medical devices: Five ways to inoculate yourself from attacks

Healthcare companies must follow medical device security best practices to defend against attacks on devices and the networks and systems they connect to.

Next Entries »

Be the first to know

Don’t miss the latest AppSec news and trends every Friday.

Subscribe to the blog

The state of open source in commercial software

Software Integrity Blog

Eight must-have features in an IAST solution

Things to consider when choosing a software composition analysis tool

How To Cyber Security: Put the Sec in DevOps with Intelligent Orchestration

What the 2021 OSSRA report tells us about the state of open source in commercial software

Neil Daswani talks about his big breaches book and the BSIMM

Penetration testing: A yearly physical for your applications

Integrating fuzzing into DevSecOps

Don’t be the weak link in your customers’ supply chain security

Medical device security in a pandemic world

AppSec Decoded: What are organizations doing to manage open source vulnerabilities?

Synopsys CyRC named a CVE Numbering Authority

How to cyber security: Minimize risk and testing time with Intelligent Orchestration

Hacking medical devices: Five ways to inoculate yourself from attacks

Legal

Follow