Drop the knife and back away from the AppSec budget

Tempted to cut your application security testing budget to cover shutdown losses? Remember that compromised assets are an even greater existential threat. The post Drop the knife and back away from the AppSec budget appeared first on Software Integrity Blog.

5 software security courses to boost your skills, even under isolation

We’ve chosen five software security courses to help you and your team members prepare for the future of software development—no matter what it looks like.

The shift to remote work makes red team testing more important than ever

Closing your office cuts off several attack vectors—but remote working creates thousands more. Here’s why a red team assessment is so essential right now.

What the open source community can teach the suddenly remote workforce

Productive remote teamwork is possible. Just ask the open source community, which has been doing it for years. Here are some top tips for working remotely.

DevSecOps success takes people, not just technology

Want DevSecOps? Here are some tips to get your development, security, and operations teams communicating effectively and working toward a single purpose.

How to deal with legacy vulnerabilities

Are you releasing software with legacy vulnerabilities that you put aside to address later but forgot about—or that you didn’t even know were in your code?

What is security debt, and how do I get out of it?

Security debt refers to the accumulation of vulnerabilities in your software that make it harder to protect your data and systems. How do you get rid of it?

Thoreau’s ‘simplify’ exhortation hovers over RSA

Developers have no time for your complex security processes. Making application security simple means focusing on essentials and cutting through the noise.

At RSA: The road to better security is to make it easier

If security practices are easy and simple, people will do them. Developers too will adopt application security if you make it easy and simple. Here’s how.

Start paying down your ‘security debt’ with DevSecOps

Organizations that postpone remediating security issues, or just ignore them, are playing a risky game. But DevSecOps can help reduce your security debt.