API Security

API Security in a Digitally Transformed World

One unexpected consequence of the global pandemic is the acceleration of digital transformation across organizations of all sizes. With so many employees working from home, organizations realized they needed to upgrade to a cloud infrastructure to support everyone working remotely. As applications moved from on-premises to the cloud to support ...
Kubernetes Security Best Practices

Table of Contents: What Is Kubernetes? Kubernetes Security and the Cloud Native Environment Kubernetes Security Issues and DevOps Kubernetes Security Best Practices Kubernetes Security Context Kubernetes Security Tools Kubernetes Security Audit Reducing Kubernetes Attack Surfaces What Is Kubernetes? Kubernetes is an open source orchestration platform for containerized workflows ...
Software Composition Analysis Explained

Open source code is everywhere, and it needs to be managed to mitigate security risks. Developers are tasked with creating engaging and reliable applications faster than ever. To achieve this, they rely heavily on open source code to quickly add functionality to their proprietary software. With open source code making ...
Top Tips for Getting Started With a Software Composition Analysis Solution

You’ve purchased a software composition analysis solution, and you’re excited to start scanning. Before you do, read our top tips for getting started with WhiteSource. Following some basic guidelines ensures your implementation gets off on the right foot. 1. Build a Team WhiteSource is an organizational initiative, not a one-person ...
Why Manually Tracking Open Source Components Is Futile

Open source is everywhere. Everyone is using it. Open source code is found in almost every proprietary software offering on the market and is estimated to make up on average 60%-80% of all software codebases in 2020. Why the proliferation? Open source libraries help developers write code faster to meet ...
Top 7 Questions to Ask When Evaluating a Software Composition Analysis Solution

Your open source usage is out of control. Sure, it’s helping you develop your product faster and getting new releases out the door in days instead of months, but now your code base is made up of 60% or more open source components. And that percentage is only growing. The ...
Our Favorite Web Vulnerability Scanners

Web Vulnerability Scanners Defined Web vulnerability scanners crawl through the pages of web applications to detect security vulnerabilities, malware, and logical flaws. They do this by generating malicious inputs and evaluating an application’s responses. Often referred to as dynamic application security testing (DAST), web vulnerability scanners are a type of ...
Why You Need an Open Source Vulnerability Scanner

No one wants to be the next Equifax. Just thinking about their company’s name being in a headline along with the words “security breach” is enough to keep CISOs up at night. Much like Fight Club, however, the first rule of data breaches is: You do not talk about security ...
Dynamic Application Security Testing: DAST Basics

Application security testing (AST), which are tools that automate the testing, analyzing, and reporting of security vulnerabilities, is an indispensable part of software development. In a modern DevOps framework where security is shifted left, AST should be thought of as compulsory. And this has never been more important when you ...
Interactive Application Security Testing: IAST Basics

Because applications and software vulnerabilities are the most common external point of attack, securing applications is a top priority for most organizations. An essential component for reducing this risk is application security testing (AST). In this blog, we focus on interactive application security testing (IAST), the relative newcomer in the ...