Application Security & Software Security Blog

How do you effectively remediate the increasing sea of vulnerabilities?

With applications containing more and more open source, and 40+ open source vulnerabilities disclosed daily, how do you prioritize your remediation efforts?

Apache Struts research at scale, Part 2: Execution environments

During our CVE-2018-11776 research, after building 115 versions of Apache Struts, we had to address the challenges of recreating the execution environments.

How does IAST fit into DevSecOps?

IAST, a new generation of application security testing that bridges the gaps between SAST, DAST, and pen testing, seems to have been made for DevSecOps.

[Webinars] Open source in M&A due diligence, cloud application security

Learn why an open source security review is key in M&A due diligence, and about the impact of cloud environments on application security considerations.

5G: Vast potential, but better security needed

5G security is top of mind for those who recognize that 5G is going to be higher risk. Fuzzing is one of the leading testing techniques for securing 5G.

Thoreau’s ‘simplify’ exhortation hovers over RSA

Developers have no time for your complex security processes. Making application security simple means focusing on essentials and cutting through the noise.

[Webinar] Effective Vulnerability Remediation Requires More Than One Data Point

With advanced policy management and best-in-class vulnerability reports, developers can fix the most critical vulnerabilities quickly and effectively.

At RSA: The road to better security is to make it easier

How do you encourage people to do something? Make it easy. Developers too will adopt application security practices, if you make them easy. Here’s how.

3 steps to reduce your API and web service risk in M&A due diligence

Learn more about the risk areas related to APIs and web services during due diligence in M&A transactions involving software, and how to reduce each risk.

Code quality and maintenance: Emerging risks of open source use

You know that static analysis can find code quality defects in your proprietary code. But what are you doing to manage your open source code quality risk?

« Previous Entries

Next Entries »

Be the first to know

Don’t miss the latest AppSec news and trends every Friday.

Subscribe to the blog

Software Integrity Blog

How to Cyber Security: Software is manufacturing

8 tips for recruiting more women in software development

Ask the Experts: How can we improve the security of the 2020 election?

How do you effectively remediate the increasing sea of vulnerabilities?

Apache Struts research at scale, Part 2: Execution environments

How does IAST fit into DevSecOps?

[Webinars] Open source in M&A due diligence, cloud application security

5G: Vast potential, but better security needed

Thoreau’s ‘simplify’ exhortation hovers over RSA

[Webinar] Effective Vulnerability Remediation Requires More Than One Data Point

At RSA: The road to better security is to make it easier

3 steps to reduce your API and web service risk in M&A due diligence

Code quality and maintenance: Emerging risks of open source use

Legal

Follow