Developer Training Checklist: 5 Best Practices

The role of the developer has evolved over the past several years. Developers are not only responsible for writing code and releasing new software rapidly but also for securing code. By implementing security in the software development lifecycle, you can reduce risk and cost without slowing down time to production ...
Practical Steps for Fixing Flaws and Creating Fewer Vulnerabilities

All security flaws should be fixed, right? In an ideal world, yes, all security flaws should be fixed as soon as they're discovered. But for most organizations, fixing all security flaws isn't feasible. A practical step your organization can, and should, take is to prioritize which flaws should ...
The First Step to Achieving DevSecOps Is Shifting Security Culture Left

To achieve DevSecOps you need to shift security left. Sounds simple, right? Well, it's easier said than done. A recent survey conducted by SANS Institute found that 74 percent of organizations are deploying software changes more than once per month, an increase in velocity of nearly 14 percent over ...
DevSecOps and the Cloud: How Leaning on Your Cloud Provider Can Help You Shift Left

Over the past several years, an increasing number of organizations have been moving their applications from on-premises to cloud-hosted platforms. And with the current pandemic forcing most businesses to adopt a fully remote work environment, the cloud is even more appealing. Gartner reported that cloud spend rose by double digits ...
Technology Companies Have the Largest Proportion of Applications With High-Severity Flaws

As a result of the worldwide pandemic, technology companies were forced to pivot to fully remote operations. For many organizations, this meant accelerating their digital transformation efforts. But despite the investment in digital transformation efforts, there haven't been enough investments in security measures. Our recent State of Software Security v11 (SOSS) ...
Manufacturing Has the Lowest Percentage of High-Severity Flaws but Needs to Improve Time to Remediation

The past 12 months have been especially challenging for the manufacturing industry. The pandemic affected in-person manufacturing jobs as well as supply and demand, causing many manufacturing companies to shut their doors or lay off valuable employees. Recognizing the vulnerable state of manufacturing companies, cybercriminals saw manufacturing as an easy ...
Dangers of Only Scanning First-Party Code

When it comes to securing your applications, it's not unusual to only consider the risks from your first-party code. But if you're solely considering your own code, then your attack surface is likely bigger than you think. Our recent State of Software Security report found that 97 percent of the ...
75% of Apps in the Healthcare Industry Have a Security Vulnerability

In light of the current pandemic, our healthcare industry has been challenged like never before. Healthcare workers heroically stepped up to the plate, caring for those in need, while the industry itself digitally transformed to keep up with the influx of patient data and virtual wellness appointments. The increase of ...
Which AppSec Testing Type Should You Deploy First?

The gold standard for creating an application security (AppSec) program is, and always will be, to follow best practices. By following preestablished and proven methods, you can ensure that you are maximizing the benefits of your AppSec program. Unfortunately, time, budget, culture, expertise, and executive buy-in often restrict ...
Retail and Hospitality Sector Has Impressive Fix Rate, but Room to Improve

Over the past year, the retail and hospitality industries have been forced to adapt to the "new normal." Since lockdowns and health concerns have prevented or dissuaded in-person shopping or dining, the new normal has been e-commerce. Smaller businesses not equipped for the increase in e-commerce have had to undergo ...