Power to the Players: 3 Tips for Gamifying Your Cybersecurity Training

Power to the Players: 3 Tips for Gamifying Your Cybersecurity Training

It’s no hidden secret that an increased level of training and education is both one of the biggest needs and shortcomings in the cybersecurity industry. Organizations are falling victim to cyberattacks more ...
The Open Source Cookbook: Prepping Your Kitchen

The Open Source Cookbook: Prepping Your Kitchen

Over the course of this adventure into the culinary world of software development, we have drawn comparisons between open source software and cookie recipes, and equated open source risks to spoiled ingredients ...
Kotlin Guide: Why We Need Mobile Application Secure Coding Practices

Kotlin Guide: Why We Need Mobile Application Secure Coding Practices

October is the annual National Cybersecurity Awareness Month (NCSAM), which is promoted by the U.S. Department of Homeland Security and the National Initiative for Cybersecurity Careers and Studies (NICCS). According to the ...
Becoming Optimus Prime Within Your AppSec Initiatives

Becoming Optimus Prime Within Your AppSec Initiatives

When I was a child, I didn’t dream of becoming a legendary football player or a rock star. My dream was to become a Transformer: specifically Optimus Prime. I am sure some ...
The Open Source Cookbook: Understanding Your Software Ingredients

The Open Source Cookbook: Understanding Your Software Ingredients

As I introduced in my last article, where we explored the variance among open source components, distros, and forks, open source software and modern application development can be equated to baking. This ...
Why you need to be thinking about API Security

Why you need to be thinking about API Security

As cyber attackers continue to take advantage of vulnerable people, processes, and technology, they are now expanding their operations beyond “traditional” targets. It seems that nothing is outside of their jurisdiction and ...
AppSec Training – Necessary, but not sufficient

AppSec Training – Necessary, but not sufficient

It’s no secret that the earlier you discover security bugs in the software development life cycle (SDLC), the more time, money, and resources you will save. While making use of “reactive” security ...
Why Software Security and DevOps Were the Talk of the Town at Black Hat and DEF CON 2019

Why Software Security and DevOps Were the Talk of the Town at Black Hat and DEF CON 2019

In the wake of Black Hat 2019 and DEF CON 27, there is no doubt that the cybersecurity industry is growing beyond anyone’s expectations. The sheer number of sponsors and attendees who ...
Training Exposure: Addressing Secure Coding Education in Your Software Security Program

Training Exposure: Addressing Secure Coding Education in Your Software Security Program

According to the Verizon 2019 Data Breach Investigation Report, 69 percent of the data breaches investigated by Verizon were perpetrated by outsiders, 63 percent were the result of attackers targeting server assets, ...
Adoption Exposure: Your Software Security Needs Integration and Automation

Adoption Exposure: Your Software Security Needs Integration and Automation

There are many software security solutions available today designed to provide insight into important security issues found during software development. As organizations begin moving forward with DevOps initiatives, are their current Application ...