DAST tools as force multipliers for human cybersecurity skills
Modern DAST tools help humans and technology work together at peak efficiency, allowing development and security teams to save critical time and preserve their sanity while also incrementally improving security posture and minimizing costly code rework. The post DAST tools as force multipliers for human cybersecurity skills appeared first on ... Read More
The future of cybersecurity: DAST solutions, SBOMs, and APIs to take center stage
Looking ahead at the next five to ten years, how will the future of cybersecurity shape up? Talking to Invicti CTO Frank Catucci, we unpack current trends that point toward more capable scanners, deeper supply chain insights, and a focus on securing the cloud. The post The future of cybersecurity: ... Read More
Black Hat 2022: from cyberwarfare to the rise of RCE
Black Hat 2022 is coming to a close, and we’re leaving the conference with fresh industry insights, new contacts, and ideas for the future of DevSecOps. While we couldn’t see it all, we did manage to catch a few sessions – and even held some of our own to dig ... Read More
Struggling to build DevSecOps? Security champions can save your day
What’s in a name? If you’re a security champion, a lot. These security-minded men and women hold information-sharing power within an organization. They work daily to relay essential updates, surface and resolve common pain points, lean in on threat and vulnerability management, and provide more clarity on security needs to ... Read More
Buried under security debt? Here’s how to dig yourself out to improve security posture
Security debt, like all technical debt, slows software production and also increases risk. The good news is that once you understand your threat landscape, you can start paying down that debt. Invicti’s Dan Murphy shows why you shouldn’t put this off. The post Buried under security debt? Here’s how to ... Read More
New DoJ review urges zero trust adoption to fortify security posture
The US Department of Justice has released a report outlining the progress in achieving cybersecurity goals set by the Biden Administration’s Executive Order on cybersecurity. The report also includes guidance for adopting a zero trust approach and improving security posture. The post New DoJ review urges zero trust adoption to ... Read More
Four features of modern AppSec that help curb cybersecurity burnout
In the race to innovation, security is often the victim of difficult time-saving decisions. Those decisions (or lack thereof) cause unnecessary stress for DevSecOps teams working to build secure, innovative applications as they’re forced to either skip critical security steps and deal with the headaches later on, or manually work ... Read More
New cybersecurity bills aim to bolster communication and retain talent
Last week, President Biden signed two new cybersecurity bills into law. One aims to improve communication between state and local governments and CISA, while the other should improve the government’s ability to share and retain talent between agencies. Both bills come on the tailwind of other directives by the United ... Read More
RSA 2022 recap: Security debt, SBOMs, national security – and Invicti
RSA Conference 2022 was jam-packed with sessions covering everything from zero trust and DevSecOps to open source and security champions. Did you spot Invicti at the show? The post RSA 2022 recap: Security debt, SBOMs, national security – and Invicti appeared first on Invicti ... Read More
Four ways AppSec analytics help your DevSecOps pros work smarter, not harder
What’s in a number? For DevSecOps professionals, the answer is “a lot.” Analytics in application security (AppSec) hold immense power, helping teams decide where to focus their priorities and pick up on patterns that uncover knowledge gaps. Reporting with clear analytics helps set standards for... Read more The post Four ... Read More
