The Need for Deterministic Security

280 Days to Fix a Vulnerability in Production

IBM's 2020 report on the Cost of a Data Breach found that on average it takes 280 days to fix a vulnerability in production once a breach is discovered. If you've got an application in production you may be wondering how you can protect the application once a vulnerability is ...

Defining Application Security

If you're new to Application Security, you may be confused by the different terminology and by where exactly Application Security fits relative to the different phases of application development and the runtime of applications.

If APM Vendors Think They Need RASP, Shouldn’t You?

The start of February 2021 brought with it a number of announcements from APM (Application Performance Monitoring) vendors, all relating to RASP (Runtime Application Self-Protection). Three vendors in the APM market (referred to by some as the Observability Platform market) made announcements about either adding RASP or enhancing their RASP offerings ...

Most Security Pros Think a WAF is High Maintenance

Web Application Firewalls (WAFs) are a traditional application security tool used by many organizations in their arsenal against the cyber attacks inflicted on a continual basis on their infrastructure. When they were introduced, they were seen as the remedy to the cyber attacks facing typical organizations with a web presence. ...

A New Book to Learn About Application Security

If you're just starting out as an application developer or you're a seasoned developer looking for a good review guide, there's a new book from Wiley titled "Alice and Bob Learn Application Security" to assist with learning about the fundamentals of application security.

Three Application Security Fundamentals Every Developer Should Know

TechBeacon recently published an article on the Three Application Security Fundamentals Every Developer Should Know. The article bases its recommendations for developers on research that came out of a recent USENIX Security conference for developers and application security specialists.

The State of Application Security: What the Statistics Tell Us

CSO Online ran an article last August covering some important application security statistics from a study run by the Enterprise Security Group (ESG). The article, titled The State of Application Security: What the Statistics Tell Us, covered an interesting finding from the report, notably that 79% of organizations push vulnerable code to ...

Getting Started with Web Application Security? Best Practices: A Developer’s Guide

If you are a developer of web applications and are looking for a guide to help you with security best practices, you are in luck. Back in October of 2020, Security Intelligence ran an article titled Web Application Security Best Practices: A Developer’s Guide. The article starts with a discussion about the ...

Top 50 Application Security Pros to Follow on Twitter

If you are like many in our online connected world, you get some of your news from Twitter, both personally and professionally. For security professionals who have been looking to enhance their Twitter feed with additional application security news, TechBeacon has a new list of the Top ...

Retailers Can’t Afford to Neglect Security

In recent blog posts from K2, we've highlighted the need for additional application security for healthcare and financial verticals with the increased attacks on those organizations. A recent article in Supply Chain Brain covered security for another vertical: retailers and their specific need for increased security.