Guide: Rethinking application security risk for federal agencies

Cybersecurity risk can be hard to define and measure, even though the consequences of a cyberattack are very real. This post suggests a practical approach to determining and reducing application security risk for federal organizations and announces the Invicti ebook Let’s Talk About Risk.

State and Local Cybersecurity Grant Program requirements are here, and Invicti can help you meet them

State, local, and territorial governments have until Nov 15, 2022 to apply to the State and Local Cybersecurity Grant program. Through a combination of capable tools, security best practices, and strategic initiatives, agencies can partner with Invicti to meet the requirements and apply to the program.
The cutting-edge conundrum: Why federal agencies can’t compromise on security

2021 was a banner year for cyberattacks, with reported breaches increasing by 68 percent. The record-breaking number of 1,862 data breaches put previous years to shame, especially considering industry-rocking incidents like Log4Shell, which had most organizations in the public and private sectors scrambling to secure...
Zero trust countdown: New OMB memo stresses urgency for modern AppSec

The White House is following up with a new cybersecurity directive to further improve the security posture for federal agencies. The memo strongly encourages the adoption of zero trust architecture as a way to ensure that, in the process of securing their software landscape, federal...
What to know about Biden’s latest cybersecurity memorandum

Building on his administration’s historic cybersecurity executive order, President Joe Biden yesterday signed a new National Security memorandum (NSM) designed to further improve security across the Department of Defense, intelligence community, and national security systems. The memo lays out concrete requirements around the technology required...
What government agencies need to know about CISA’s new Binding Operational Directive

The Cybersecurity and Infrastructure Security Agency (CISA) is reinforcing the nation’s cybersecurity efforts by announcing a new Binding Operational Directive (BOD) related to common vulnerabilities and exposures. Also referred to as CVEs, these publicly disclosed flaws in software open doors that attackers are able to...
FISMA Update: What’s changing and why it matters

In early October, the Homeland Security and Governmental Affairs Committee announced bipartisan legislation that’s set to make waves in federal civilian cybersecurity. This move to overhaul the Federal Information Security Management Act (FISMA) from 2014 is especially notable as the government became the most targeted...
CISA’s Zero Trust Maturity Model is a rallying cry for modern web app security

Increasingly sophisticated cyberattacks against federal agencies highlight the urgent need to enhance federal cybersecurity. To help with this, CISA has published the Zero Trust Maturity Model to assist agencies in implementing zero trust architecture (ZTA) – and modern AppSec solutions are a crucial part of...
US government agencies given a new deadline to secure critical software

The Office of Management and Budget (OMB) released a memorandum on August 10, 2021, in response to Executive Order (EO) 14028, Improving the Nation’s Cybersecurity. The EO recognizes the importance of software security to protect against malicious cyber attacks that threaten the American people’s security...
Join the panel: Shifting security left with DevSecOps

Fifteen years ago, there were 50 million websites. Today there are nearly two billion. With the government’s adoption of cloud technologies, that number is continuing to grow exponentially. In order to appropriately comply with regulations, it is imperative that government agencies incorporate security testing across...