close search bar

Sorry, not available in this language yet

close language selection

AN APPLICATION SECURITY VIEWPOINT

Emerging data protection and privacy laws are causing organizations to scramble to implement strategies that address regulatory compliance and data security governance. And the SolarWinds software supply chain attack, in which attackers inserted a malicious back door into its network software release that later led to sensitive data exposure, further underscores the need to secure the DevSecOps processes and software supply chain.

Read this white paper to learn about:

  • Key global data privacy laws and data security standards
  • Major cyber security and privacy frameworks and application security standards including OWASP Top 10, CWE Top 25, and CISQ
  • The steps required for creating a data security strategy, including data discovery, identifying data sensitivity level, setting access policies, and defining dataset management workflows
  • Security best practices such as threat modeling, penetration testing, secrets management, and holistic systems security engineering
  • AppSec tools including static application security testinginteractive application security testingdynamic application security testing, and software composition analysis, which can alert developers about secrets, sensitive data (credit card numbers, SSNs), and back doors in source code, binary files (supply chain software), logs, databases, and files
  • A solution that lets you create your own customized continuous integration/continuous delivery pipeline in the cloud that automatically performs the right security tests at the right time, based on user-defined policies, risk profiles, and severity/context-specific code changes
CISO Guide to Data Protection

Resources to manage your AppSec risk at enterprise scale