Managing Security Debt: How to Reduce Security Deficit

Recent years have seen a sharp increase in the number of reported security vulnerabilities, along with quite a few notorious attacks on enterprise applications. Organizations have reacted by increasing their investment in AppSec and DevSecOps, including the widespread adoption of AST (application security testing) tools. While AST tools are an ... Read More

Setting Up an Effective Vulnerability Management Policy

Considering the continuous increase in cybersecurity attacks targeting large organizations over the past few years and regulations like PCI DSS, HIPAA, NIST 800-731 – to name a few – it’s no surprise that enterprise investment in vulnerability management is on the rise.  Detecting, prioritizing, and remediating security vulnerabilities in today’s ... Read More

Three Open Source Software Security Myths Dispelled

Used by developers around the world, open source components comprise 60%-80% (and likely more) of the codebase in modern applications. Open source components speed the development of proprietary applications, save money, and help organizations stay on the cutting edge of technology development. Despite the widespread adoption of open source components, ... Read More

Gray Box Testing Guide

In order to develop stable and secure applications, you need to inspect and verify that your software performs as expected. The most common approaches to testing software are white box testing, black box testing, and gray box testing. While white box testing and black box testing have their pros and ... Read More

How to Set Up an Open Source Strategy

Open source components have become the basic building blocks of software applications, comprising 60%-80% of the software projects. As open source usage has established itself as an industry standard and the default choice of software production, software development organizations are required to set up an open source strategy.  Gone are ... Read More

The 10 Best Security Conferences to Attend in 2021

The start of the new year is always a good time to look ahead, and certainly no one wants to look back at the hot mess that was 2020. As you survey the coming year, we know security is top of mind (*cough, cough* SolarWinds *cough, cough*). If for some ... Read More

Top 10 Open Source Vulnerabilities In 2020

If 2020 taught us anything, it’s to expect the unexpected. While there don’t seem to be enough words to cover the changes that we all did our best to adjust to, we are more than happy to give you our rundown of the top 10 open source vulnerabilities in 2020.  ... Read More

What You Need To Know About Application Security Testing Orchestration

As the security threat landscape continues to evolve, choosing the best application security testing tools is just the first challenge for organizations investing in AppSec. Next, organizations need to figure out how to best orchestrate the application security testing technologies they are using in order to get the most out ... Read More

Microservices Architecture: Security Strategies and Best Practices

Over the past few years enterprises and industry leaders have been steadily adopting microservices to drive their business forward. At this point, companies like Amazon, and Google, to name a few, must agree that the microservices style of architecture is much more than a passing trend.  Along with the many ... Read More

The Most Comprehensive Guide to White Box Penetration Testing

The ultimate objective of any software developer is to create performant, secure, and usable applications. Realizing this goal requires every application to be tested thoroughly. Testing is therefore a critical aspect of creating robust applications. It’s what ensures the developed software meets the desired quality expectations. This blog examines one ... Read More