Software Integrity Blog

Archive for the 'Application Security' Category

 

6 mistakes to avoid when choosing a managed services provider

It’s critical to find the right managed services provider. Here are 6 things to consider when searching for the best provider to meet your business needs.

Posted in Application Security, Software Security Program

 

Drop the knife and back away from the AppSec budget

Tempted to cut your application security testing budget to cover shutdown losses? Remember that compromised assets are an even greater existential threat.

Posted in Application Security

 

How does a managed services partner free up your staff?

A managed services partner should do more than run the tests you choose. The right partner will work with you to shape your application security program.

Posted in Application Security, Software Security Program

 

The Complete Application Security Checklist

Our Complete Application Security Checklist describes 11 best practices that’ll help you minimize your risk from cyber attacks and protect your data.

Posted in Application Security

 

How to Cyber Security: Application security is critical for data security

Data protection requires application security. Threat modeling and vulnerability management help you secure your apps from development through production.

Posted in Application Security, Software Architecture & Design

 

[Webinar] Are You Acquiring the Next Big Breach?

Learn why application security vulnerabilities are a serious consideration in tech due diligence and how to evaluate your security risk in M&A transactions.

Posted in Application Security, Mergers & Acquisitions, Webinars

 

What is the Ghostcat vulnerability (CVE-2020-1938)?

Ghostcat (CVE-2020-1938) is an Apache Tomcat vulnerability that allows remote code execution in some circumstances. Here’s how to find and mitigate it.

Posted in Application Security, Open Source Security

 

Tips for working from home without losing your marbles or compromising security

Our longtime remote employees have some tips for working from home to keep you sane, and your company’s assets secure, during a strange, stressful time.

Posted in Application Security

 

How to deal with legacy vulnerabilities

Are you releasing software with legacy vulnerabilities that you put aside to address later but forgot about—or that you didn’t even know were in your code?

Posted in Application Security, Open Source Security

 

SAST and SCA: Why use both?

If you use an SCA tool, why should you use a SAST tool as well? Let’s discuss what each tool can and can’t do and how they complement each other.

Posted in Application Security, Software Composition Analysis (SCA), Static Analysis (SAST)