Application Security & Software Security Blog

The importance of secure development training for new hires

Most new grads haven’t learned how to develop secure code. Here are four critical steps to create a secure development training program for your team.

The advanced license compliance functionality you didn’t know your SCA tool needed

Open source license noncompliance can have severe implications. Here are four advanced license compliance features that help protect your proprietary code.

[Webinars] DoS attacks in Node.js, SAST in DevSecOps

Learn how to protect Node.js apps against denial-of-service attacks, and how to integrate static application security testing into DevSecOps pipelines.

Authentication Token Obtain and Replace (ATOR) Burp plugin to handle complex login sequences

The Authentication Token Obtain and Replace (ATOR) plugin, built on ExtendedMacro, supports complex login sequences in Burp and is fast and easy to use.

How to get compliance audit training in the new virtual workplace

Compliance training will help you pass an audit, but to secure your customer data, your teams need virtual security training beyond compliance requirements.

How to Cyber Security: Software testing is cool

Software security testing involves knocking down walls, scaling fences, and otherwise breaking applications to generate helpful feedback for development.

[Webinars] CI/CD security testing, shift left, code quality in M&A

Learn about application security testing in CI/CD pipelines, how to scale responsiveness with a secure SDLC, and why software quality matters in tech M&A.

How to overcome the top 6 application security challenges

Take a closer look at the most common application security challenges and how managed services can help you overcome them proactively and cost-effectively.

Black Duck Audits: Not just for M&A

If you don’t have an SCA tool, a software audit can give you a bill of materials needed for product releases, vendor requirements, and procuring insurance.

Why developers need a supplemental source to NVD vulnerability data

The NVD is a good source for open source vulnerability data. But with an average 27-day reporting delay, it shouldn’t be your only source of information.

« Previous Entries

Next Entries »

Be the first to know

Don’t miss the latest AppSec news and trends every Friday.

Subscribe to the blog

Software Integrity Blog

5 key takeaways from the 2020 Open Source Security and Risk Analysis report

Synopsys named a Leader in the 2020 Gartner Magic Quadrant for Application Security Testing for the 4th year

What the open source community can teach the suddenly remote workforce

The importance of secure development training for new hires

The advanced license compliance functionality you didn’t know your SCA tool needed

[Webinars] DoS attacks in Node.js, SAST in DevSecOps

Authentication Token Obtain and Replace (ATOR) Burp plugin to handle complex login sequences

How to get compliance audit training in the new virtual workplace

How to Cyber Security: Software testing is cool

[Webinars] CI/CD security testing, shift left, code quality in M&A

How to overcome the top 6 application security challenges

Black Duck Audits: Not just for M&A

Why developers need a supplemental source to NVD vulnerability data

Legal

Follow