Software Integrity Blog

Author Archive

Derek Handova


Derek Handova is an enthusiastic white paper writer and content marketer in the B2B and technology spaces. Previously, he has led content creation efforts at prominent companies such as Altera, BearingPoint, Inc., Check Point Software, Harris Corporation, Solectron Corporation, and other Silicon Valley icons.

Posts by Derek Handova:


How to keep your CI/CD pipeline secure with a remote workforce

How do you secure the work of your development team when they’re off your network, working from home? Here are some tips to keep your CI/CD pipeline secure.

Posted in Agile, CI/CD & DevOps


How 5G and IoT devices open up the attack surface on enterprises

As 5G standards continue to evolve, what steps can development organizations take now to improve the security of billions of 5G and IoT devices and systems?

Posted in Fuzz Testing, IoT Security


How does IAST fit into DevSecOps?

IAST, a new generation of application security testing that bridges the gaps between SAST, DAST, and pen testing, seems to have been made for DevSecOps.

Posted in Agile, CI/CD & DevOps, Interactive Application Security Testing (IAST)


3 steps to reduce your API and web service risk in M&A due diligence

Learn more about the risk areas related to APIs and web services during due diligence in M&A transactions involving software, and how to reduce each risk.

Posted in Mergers & Acquisitions


Behshad Rejai on the past, present, and future of software development

With 36 years of experience, Behshad Rejai, VP of engineering in the Software Integrity Group, shares her views of the future of software development.

Posted in Agile, CI/CD & DevOps, Application Security, Cloud Security, IoT Security


How DevOps security tools support modern applications

Modern application development organizations must integrate and automate DevOps security tools such as IAST into CI/CD pipelines to speed developers.

Posted in Agile, CI/CD & DevOps, Interactive Application Security Testing (IAST)


What are the different types of security vulnerabilities?

An application security vulnerability is a security bug, flaw, error, fault, hole, or weakness in software architecture, design, code, or implementation that can be exploited by attackers. Let’s take a closer look at the different types of security vulnerabilities.

Posted in Web Application Security


Top 3 cloud security trends for 2019

A new report covers the top cloud security trends for 2019, including cloud security concerns, cloud compliance challenges, and barriers to cloud adoption.

Posted in Cloud Security


What happens when your CISO has one of those days?

A CISO having a bad day finds out the hard way that cutting corners on software security testing might end up costing him more than he saved.

Posted in Mobile App Security, Web Application Security


Technology company M&A: Do due diligence on SDLC process/tools

Technical due diligence on the target’s SDLC is a must for acquirers in software M&A. What you don’t know about their process and tools could hurt you.

Posted in Mergers & Acquisitions, Open Source Security, Software Composition Analysis (SCA)