Taylor Armerding is an award-winning journalist who left the declining field of mainstream newspapers in 2011 to write in the explosively expanding field of information security. He has previously written for CSO Online and the Sophos blog Naked Security. When he’s not writing he hikes, bikes, golfs, and plays bluegrass music. Follow him on Twitter @tarmerding2.
For sustainable, long-term application security, both developers and information security professionals must embrace their new roles created by DevSecOps.
Posted in Agile, CI/CD & DevOps, Application Security | Comments Off on Report: Security and development teams need to ‘embrace’ new roles in DevSecOps
A number of election security bills and discussion drafts are currently before the House and Senate. If passed, could they really lead to secure elections?
Posted in Application Security | Comments Off on Multiple bills seek to secure elections: Will they do it?
Synopsys CSO Deirdre Hanford discusses what we learned from Cybersecurity Awareness Month, as well as how to create and mature a software security program.
Posted in Application Security, Featured, Software Security Program | Comments Off on Synopsys CSO: Cybersecurity Awareness Month lessons need to be applied all year
No password is secure. With so many password alternatives now available, such as FIDO and passwordless authentication, we can get rid of passwords for good.
Posted in Application Security, Software Architecture & Design | Comments Off on It’s past time to put passwords out of our misery
How do you vet the security of third-party software from vendors, partners, and contractors? Follow software supply chain risk management best practices.
Posted in Software Security Program | Comments Off on Don’t let your supply chain undermine your security
You can use the 2019 CWE Top 25 to help focus your application security efforts. Learn more about this list of the 25 most dangerous software weaknesses.
Posted in Software Compliance, Quality & Standards | Comments Off on How the 2019 CWE Top 25 can boost your application security
Application security is your best defense against the hackers who want your organization’s data. Here are best practices for secure application development.
Posted in Application Security | Comments Off on Best practices for secure application development
Unless you build your own AppSec tools, you need to know how to choose an application security vendor and whether to opt for individual tools or a suite.
Posted in Interactive Application Security Testing (IAST), Software Composition Analysis (SCA) | Comments Off on How to choose application security vendors and tools
We kick off Cybersecurity Awareness Month with an interview with Deirdre Hanford, CSO at Synopsys, about personal accountability and cyber security.
Posted in News & Announcements | Comments Off on Synopsys CSO Deirdre Hanford champions Cybersecurity Awareness Month
What are ethical hackers, and why do we need them? Ethical hacking allows you to see how your systems might be breached, but it goes far beyond pen testing.
Posted in Application Security, Security Training & Awareness | Comments Off on Hackers needed to defeat hackers
