Software Integrity Blog

Archive for the 'Application Security' Category

 

SAST and SCA: Why use both?

If you use an SCA tool, why should you use a SAST tool as well? Let’s discuss what each tool can and can’t do and how they complement each other.

Posted in Application Security, Software Composition Analysis (SCA), Static Analysis (SAST)

 

What is security debt, and how do I get out of it?

Security debt refers to the accumulation of vulnerabilities in your software that make it harder to protect your data and systems. How do you get rid of it?

Posted in Application Security

 

How do you effectively remediate the increasing sea of vulnerabilities?

With applications containing more and more open source, and 40+ vulnerabilities disclosed daily, how do you prioritize your remediation efforts?

Posted in Application Security, Open Source Security, Software Composition Analysis (SCA)

 

Thoreau’s ‘simplify’ exhortation hovers over RSA

Developers have no time for your complex security processes. Making application security simple means focusing on essentials and cutting through the noise.

Posted in Application Security, Developer Enablement

 

At RSA: The road to better security is to make it easier

How do you encourage people to do something? Make it easy. Developers too will adopt application security practices, if you make them easy. Here’s how.

Posted in Application Security, Developer Enablement

 

3 reasons DevSecOps is getting so much attention

Interest in DevSecOps is on the rise. What’s driving this interest? And how can teams use this knowledge to modernize their application security programs?

Posted in Agile, CI/CD & DevOps, Application Security

 

How to Cyber Security: It’s all about developers, except when it’s not

To get security testing results in front of developers, who are in the best position to address them effectively, you need automation and integration.

Posted in Application Security, Developer Enablement

 

Which application security tools should you choose?

There’s no single silver bullet for application security. Instead, you need a combination of application security tools and services. Here’s an overview.

Posted in Application Security, Interactive Application Security Testing (IAST), Software Composition Analysis (SCA), Static Analysis (SAST)

 

Ask the Experts: What’s most rewarding about your career in cyber security?

In honor of the RSAC 2020 theme, Human Element, we asked some experts what they found most rewarding, and most frustrating, about their cyber security jobs.

Posted in Application Security

 

Taking the next step in your application security program

Already using static code analysis? Try boosting your application security program with software composition analysis to automate open source management.

Posted in Application Security, Open Source Security, Software Composition Analysis (SCA)