Application Security Archives

Application Security: The Best/Worst Is Yet to Come

by Charlene O’Hanlon on April 23, 2021

In the wake of recent high-profile breaches, all eyes are on application security. Yet, application security hasn’t always received the attention during the application development process it deserves. Many organizations deploy applications with known vulnerabilities to meet their deadlines, with the idea that they’ll be addressed in the next update. That’s a dangerous gamble. DevSecOps..
Read more

Adopting a Strategic Mindset for Cloud-Native Application Protection

by Charlene O’Hanlon on April 14, 2021

With more applications being developed in a cloud-native fashion, using containers and serverless architecture, organizations should think about smarter, more efficient and more reliable ways to protect their applications. Cyberattackers are more innovative and are achieving more success in compromising cloud-native applications, so vigilance is a must for developers, security professionals and IT organizations. Download..
Read more

Heading Off a Cloud Security Crisis

by Charlene O’Hanlon on December 14, 2020

Application workloads deployed in the cloud, in theory at least, should be more secure than those deployed on-premises, because a cloud service provider has all the expertise required to secure those platforms. Organizations run into trouble, however, when responsibility for cloud security is shared between the cloud service provider and the IT personnel that deploy..
Read more

AWS Security Case Study: Visibility into Containers Provides Application Context

by Charlene O’Hanlon on December 14, 2020

Poka is a connected worker application built specifically for manufacturers. It brings together collaboration, training, and skills management into a single integrated platform to empower factory workers to learn continuously and solve problems autonomously. Designed from the ground-up as a cloud native application, Poka lets companies build their own proprietary knowledge base to use and..
Read more

Cisco Tetration: Securing All Phases of the Hybrid Cloud Journey

by Charlene O’Hanlon on October 13, 2020

Tetration is a solution that offers many unique capabilities that are particularly well suited to help enterprises at all phases of hybrid cloud transformation, regardless of whether that journey is just beginning with a few virtual workloads or a small public cloud deployment or encompasses a vast, global data center environment. It provides full-stack visibility..
Read more

Managing the AppSec Toolstack

by Charlene O’Hanlon on September 21, 2020

The best cybersecurity defense is always applied in layers—if one line of defense fails, the next should be able to thwart an attack, and so on. Now that DevOps teams are taking more responsibility for application security by embracing DevSecOps processes, that same philosophy applies to security controls. The challenge many organizations are facing now..
Read more

Candid Cliff Notes: How to Select the Right Pentest

by Charlene O’Hanlon on September 10, 2020

In today’s IT environment, one of the biggest risks to a corporation’s valuation is a security breach. But how does a security team apply their budget in a way that ensures the applications, websites, and other assets are secure? Security Vendors make wide claims about the effectiveness of their products—making it almost impossible to identify..
Read more

From Monolithic to Modern: The Imperative for Flexible Web App and API Protection Everywhere

by Charlene O’Hanlon on September 9, 2020

Seismic shifts in software development are driving the need for a new breed of flexible security solutions. Legacy web application firewalls (WAF) predate the growth of cloud-native apps and daily release cycles. Modern applications require scalable security, meaning effective defenses that operate where applications are deployed. A comprehensive web app and API protection (WAAP) platform..
Read more

Pentest as a Service Impact Report 2020

by Charlene O’Hanlon on August 27, 2020

The goal of this study by Rain Capital’s Dr. Chenxi Wang is to understand the specific benefits and challenges of deploying a Pentest as a Service (PtaaS) solution in a modern software development environment, as well as to compare the SaaS model with traditional, legacy pentest services. The report also examines the impact of DevOps on the adoption..
Read more

Tackling the 3 Biggest API Security Challenges in Real-World Deployments

by Charlene O’Hanlon on August 26, 2020

In today’s world of digital transformation and DevOps growth, APIs have become increasingly important to innovation and business agility. They also stand at the nexus of many new security threats. The good news is that organizations are growing increasingly aware about the dangers of API threats and are taking action to close security gaps. However,..
Read more