Application Security & Software Security Blog

Under pressure: Managing the competing demands of development velocity and application security

Nearly 50% of development teams knowingly release vulnerable code. Learn why vulnerabilities are overlooked and how you can improve application security.

Open source licenses: No license, no problem? Or … not?

Understand the three common scenarios for why unlicensed open source is found in the codebase and the implications of it being embedded in commercial apps.

BSIMM11 tracks top trends in market activity

Measure and improve your software security initiative using the four key market activity trends observed in the new BSIMM11 report.

MITRE releases 2020 CWE Top 25 most dangerous software weaknesses

Learn how this year’s CWE Top 25 list of the most dangerous software weaknesses can be used to set priorities in your application security.

BSIMM11: Tracking the cutting edge of software security initiatives

BSIMM11 gathers research on software security activities from real-life firms to create a guide to help you navigate your software security initiative.

TANSTAAFL! The tragedy of the commons meets open source software

Open source projects can become victims of their own success. What can developers do to secure their open source software?

Black Duck continues to expand vulnerability prioritization methods

Today’s release of Black Duck adds vulnerability impact analysis, which indicates whether your application executes vulnerable code. Let’s look at how this addition further augments your prioritization efforts.

Developing a COVID-19 track and trace app — through the lens of Synopsys

The rapidly evolving COVID-19 emergency has set off a global race to trace, and Synopsys offers key considerations for track and trace application development.

How to cyber security: Pain in the *AST

What’s the difference between IT security and application security? And what do all those acronyms mean? Learn more in our quick cyber security primer.

Defensible risk management can improve your job security

If your organization suffers a data breach, your job security might hinge on whether you’ve practiced defensible risk management. Don’t make these mistakes.

Next Entries »

Be the first to know

Don’t miss the latest AppSec news and trends every Friday.

Subscribe to the blog

Software Integrity Blog

How to Cyber Security: Fuzz a tank

How to get compliance audit training in the new virtual workplace

6 mistakes to avoid when choosing a managed services provider

Under pressure: Managing the competing demands of development velocity and application security

Open source licenses: No license, no problem? Or … not?

BSIMM11 tracks top trends in market activity

MITRE releases 2020 CWE Top 25 most dangerous software weaknesses

BSIMM11: Tracking the cutting edge of software security initiatives

TANSTAAFL! The tragedy of the commons meets open source software

Black Duck continues to expand vulnerability prioritization methods

Developing a COVID-19 track and trace app — through the lens of Synopsys

How to cyber security: Pain in the *AST

Defensible risk management can improve your job security

Legal

Follow