Software Integrity

Archive for the 'Web Application Security' Category

 

Hacking Security Episode 2: The 4 CISO tribes

Hacking Security is a monthly podcast on emerging trends in application security development hosted by Steve Giguere, lead EMEA engineer at Synopsys. The CISO Report In Episode 2, we discuss notable CISOs and then dive into the four tribes found in the Synopsys CISO Report. Take 20 minutes to listen to the latest episode below. Hacking […]

Continue Reading...

Posted in Hacking Security, Web Application Security

 

These hacks brought to you by ‘leaky’ APIs

“Leaky” is almost never a good thing. The whole idea, in just about any case, is to make things that don’t leak and to plug things that do. And that’s true of cyber security, as demonstrated by a couple of recent incidents involving leaky APIs (application programming interfaces). Hacked at Black Hat A couple of […]

Continue Reading...

Posted in Data Breach, Web Application Security

 

Wading through the alphabet soup of application security testing tools: A guide to SAST, IAST, DAST, and RASP

Every application security testing tool has advantages and disadvantages. No single solution can ensure you find and fix all vulnerabilities. But application security tools can complement one another and help you secure your applications in each stage of the software development life cycle (SDLC) and beyond. Here’s a quick overview of SAST, IAST, DAST, and […]

Continue Reading...

Posted in Infographic, Interactive Application Security Testing (IAST), Static Analysis (SAST), Web Application Security

 

How RASP complements application security testing to minimize risk

In the era of agile development and outsourcing, implementing a secure software development life cycle (SSDLC) is critical. However, it may not help you achieve the level of risk mitigation you desire. You may need to extend your software security approach to provide an additional layer of protection for applications once they have been deployed. […]

Continue Reading...

Posted in Interactive Application Security Testing (IAST), Static Analysis (SAST), Web Application Security

 

The what, why, and who of runtime application self-protection (RASP)

What is runtime application self-protection? According to Gartner, runtime application self-protection is “a security technology that is built on or linked into an application runtime environment, and is capable of controlling application execution, and detecting and preventing real-time attacks.” RASP security products integrate with an application to prevent attacks at runtime by monitoring and analyzing traffic […]

Continue Reading...

Posted in Web Application Security

 

Get the latest resource helping development teams overcome widespread challenges

Only when security is treated with the same importance as quality can your software’s integrity drive a proactive strategy rather than a reactive response. In addition to ensuring software quality, development teams are under increasing pressure to address software security concerns. The high-profile data breaches that continuously arise are raising awareness of security issues. Because […]

Continue Reading...

Posted in Fuzz Testing, Interactive Application Security Testing (IAST), Security Training, Static Analysis (SAST), Web Application Security

 

The 4 most important secure development disciplines

Being the most innovative and successful cloud monitoring company on the market, developing new features to production every day, it’s not only crucial to deliver the best user experience, performance and high reliability, but also guarantee the highest SECURITY for our customers. To not let security measures slow down our agile and innovative value creation […]

Continue Reading...

Posted in Agile, CI/CD & DevOps, Cloud Security, Static Analysis (SAST), Web Application Security

 

Apps security the top challenge for customer-facing mobile and web applications research shows

A new Synopsys survey reveals that customer-facing web and mobile applications are the top security challenge for IT professionals in Asia. From Sept. 19 to 21, 2017, Synopsys conducted a survey at Singapore International Cyber Week (SICW), the region’s most established cyber security event. We spoke to 244 C-level IT professionals, managers, and executives in […]

Continue Reading...

Posted in Mobile Application Security, Web Application Security

 

4 simple steps to encourage online safety at your company

October is Cyber Security Awareness Month. The internet has revolutionized how we do business, stay in touch, and shop. As we upload more of our lives onto the internet, we put more of ourselves at risk. A little security goes a long way in protecting what we do online. Here are four quick tips to […]

Continue Reading...

Posted in Security Training, Web Application Security

 

Insecure example code leads to insecure production code

There is a sad reality in the software world that developer education and training not only neglect software security, but often teach developers the wrong activities to secure it. This ranges from the ‘get it to work and move on’ habit to insecure code samples in the tutorials and forums we all use when learning new […]

Continue Reading...

Posted in Security Standards and Compliance, Security Training, Web Application Security