Software Integrity Blog

Author Archive

Taylor Armerding

tarmerding

Taylor Armerding is an award-winning journalist who left the declining field of mainstream newspapers in 2011 to write in the explosively expanding field of information security. He has previously written for CSO Online and the Sophos blog Naked Security. When he’s not writing he hikes, bikes, golfs, and plays bluegrass music. Follow him on Twitter @tarmerding2.


Posts by Taylor Armerding:

 

Get effective DevSecOps with version control

Learn how to use version control to reduce development time and increase the rate of successful software deployments in your DevSecOps strategy.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Application Security

 

The BSIMM: Five key steps to a better software security initiative

The goal of an SSI is to improve security at every stage of the journey. Start and/or improve your SSIs today with these key steps observed in BSIMM11.

Continue Reading...

Posted in Software Security Program

 

BSIMM11 tracks top trends in market activity

Measure and improve your software security initiative using the four key market activity trends observed in the new BSIMM11 report.

Continue Reading...

Posted in Software Security Program

 

MITRE releases 2020 CWE Top 25 most dangerous software weaknesses

Learn how this year’s CWE Top 25 list of the most dangerous software weaknesses can be used to set priorities in your application security.

Continue Reading...

Posted in Software Compliance, Quality & Standards

 

BSIMM11: Tracking the cutting edge of software security initiatives

BSIMM11 gathers research on software security activities from real-life firms to create a guide to help you navigate your software security initiative.

Continue Reading...

Posted in Software Security Program

 

Defensible risk management can improve your job security

If your organization suffers a data breach, your job security might hinge on whether you’ve practiced defensible risk management. Don’t make these mistakes.

Continue Reading...

Posted in Data Breach Security

 

To improve DevSecOps, set application security priorities

Where does application security fit into DevSecOps? Everywhere: from preventing vulnerabilities to securing open source to prioritizing significant defects.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Application Security

 

Too many security tools can be as bad as too few

Security tool sprawl has made many teams so overwhelmed by security alerts that they can’t respond to them. Here’s how to deal with security tool overload.

Continue Reading...

Posted in Application Security

 

How to champion security in DevOps

Making the shift from DevOps to DevSecOps requires better communication, which you can help your teams accomplish with security training and enablement.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Application Security

 

How DevSecOps done right makes application security easier

How do you integrate application security into DevOps? By enabling your developers to address security issues with automation, integration, and training.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Application Security