AppSec, the developer way: Transforming security from a “dirty word” to a common practice

In a world where one data breach is all it takes to destroy a business, only the prepared and vigilant ones that embrace security in their operations can prevent disaster. Yet, if you ask most developers about security, they will crease up their faces into an irritated frown. Security is ...

Deliver Secure Software from Home: Checkmarx Offers Free 45-Day Codebashing Trial

For the past few weeks and the foreseeable future, COVID-19 has forced organizations around the world to adopt work-from-home models. This can be a difficult transition, impacting productivity, workflows, and overall cybersecurity. And, with software development teams now “developing from home,” and in some cases being asked to ...

AppSec Training – Necessary, but not sufficient

It’s no secret that the earlier you discover security bugs in the software development life cycle (SDLC), the more time, money, and resources you will save. While making use of “reactive” security testing tools such as SAST and IAST is necessary to prevent vulnerabilities from entering production, a proactive approach ...

Houston [I mean Bulgaria], we’ve got a problem

Every relationship is built on trust. Trust is at the core of every lasting relationship, whether it’s between family members, between spouses, between organizations and their customers, and even between citizens and their government. At the start of this week, this trust was unfortunately violated in Bulgaria. The data of ...

What the heck is IAST?

The application security testing (AST) world is made up of different solutions, all with one ultimate goal – to protect software from hackers and their attacks. SAST and DAST are perhaps the two most common and well-known solutions. In the last few years, a newcomer has gradually received more and more attention ...

SAST & IAST – The Power Couple in the DevSecOps Era

DevSecOps has become one of the hottest buzzwords in the DevOps and security ecosystem over the past couple of years. But what is it, and how do you turn it into reality? DevSecOps executes on the belief that security and development teams are jointly responsible for bolstering security – essentially ...