Application security program strategy and planning

Consolidation: The wave of the (AST) future
Reducing complexity and providing insight into software risk, consolidation is the wave of the application security testing future. ...

Podcast: The current state of DevOps
In this first episode of Synopsys’ new podcast series, ‘Building Security In – The Next Generation’, we cover the current state of DevOps. ...

We’re one step closer to knowing how to comply with EO 14028
CISA’s draft self-attestation form, published today, is a step in the right direction in demystifying EO 14028 compliance ...

Friend or foe: AI chatbots in software development
Yes, AI chatbots can write code very fast, but you still need human oversight and security testing in your AppSec program ...

What pen testing can tell you about the health of your SDLC
Tailored use of pen testing can provide critical support and insights for gauging the health of your SDLC ...

Why cross-site scripting still matters
With web application exploits ranked the third-most-common cybersecurity threat, overlooking XSS vulnerabilities puts your applications at risk ...

Spotlight on CRED: Benchmarking security with a BSIMM assessment
CRED, a FinTech commerce company and BSIMM member since early 2022, underwent a BSIMM assessment to benchmark its security processes ...

Build a holistic AppSec program
What does it mean to build a holistic AppSec program? Learn what’s involved in a holistic approach and how to get started.

What is the maturity level of your AppSec program?
Using the Forrester assessment, you can measure the maturity of your AppSec program to help identify areas for improvement.

Effective software security activities for managing supply chain risks
BSIMM12 reports increased attention on software security due to recent supply chain disruptions. Get recommendations for managing supply chain risks.