Reachability and Risk: Tools for Security Leaders

By Malcolm Harkins, Bryan Smith, Rob Lundy

Attacker Reachability (or “Attackability”) is a concept in open source software vulnerability management. It’s a way to understand 1) whether a vulnerability is present, and 2) whether an attacker can actually get to it. It is impossible to manage security posture without considering two key factors in any ...
Okta’s Breach Highlights Risk of Putting Crown Jewels in the Cloud

By Arun Balakrishnan, Sr. Director Product Management

Identity credentials and source code are critical assets that can create major risks for your organization when exposed by breaches of third-party cloud service companies that provide identity management and software composition analysis. Know the risks of pushing your crown ...
Importance of Securing Software with a Zero Trust Mindset

By Shinesa Cambric, Microsoft

This article is part of a series showcasing learnings from the Secure Software Summit.

With the increase of supply chain attacks on everything from logging software like Log4J to takeovers of important JavaScript packages to compromises of network utility tools like SolarWinds, more and more ...
Secure Software Summit: The State of OSS Supply Chain Security

By Dan Lorenc, Chainguard

This article is part of a series showcasing learnings from the Secure Software Summit.

The Open Source Software (OSS) Supply Chain is under attack. As evidenced by the recent Log4Shell vulnerability, the OSS supply chain is increasingly a focus for attackers seeking to ...
Secure Software Summit Series: Focus on Preventative Readiness

By Chetan Conikee

This article is part of a series showcasing learnings from the Secure Software Summit.

The connected world economy and the COVID-19 pandemic forced companies to accelerate digital transformation. Sophisticated cybercriminals have seized this forced acceleration to lay the groundwork for cyberwarfare. In reaction to recent attacks ranging ...
Secure Software Summit Findings

Shifting Security Left is a Work In Progress

What are the biggest concerns on the minds of application security and developers?

As part of the inaugural Secure Software Summit event, ShiftLeft polled conference participants on a wide range of topics related to application security, supply chain security, and the current cybersecurity threat environment ...
Malware Evolves to Present New Threats to Developers

Malware, or code written for malicious purposes, is evolving.

Software developers face new threats from malicious code as their tools and processes have proven to be an effective and lucrative threat vector. Traditionally, software developers have protected themselves from malicious code like everyone else — by securing their devices, ...
Best Practices for Application Security in the Cloud

An overview of threats and best practices in all stages of software development in the cloud.

The future of application security is in the cloud. Software development and application deployment continue to move from on-premise to various types of cloud environments. While the basics of application security (AppSec) ...
The Complete Guide to Securing Your Software Development Lifecycle

How to improve the security of your application with strong DevSecOps

The unfortunate reality is this: application security is in an abysmal state. Industry research reveals that 80% of tested web apps contain at least one bug. This rampant software insecurity proves devastating to the 60% of ...
Secure Software Summit 2022

Join us for a day on the latest methods and breakthroughs in secure coding and deployment practices

We are very excited about the upcoming inaugural Secure Software Summit, which brings together leading innovators and practitioners of secure software development on January 27, 2022. This is an event designed for all who ...