appsec awareness program
Prioritizing Security a Challenge for Dev Teams
Security has long been seen as an afterthought in the DevOps process, and a new report from Secure Code Warrior offers a reason why. While developers say a security-led approach is important ...
Mutation Cross-Site Scripting (mXSS) Vulnerabilities Discovered in Mozilla-Bleach
As part of the beta testing phase that took place earlier this year for our recently launched Software Composition Analysis solution, CxSCA, the Checkmarx Security Research Team investigated Mozilla-Bleach, finding multiple concerning ...
The Road to DevSecOps: Addressing the Challenges of AppSec Awareness
Recently, I had an opportunity to sit down with Kurt Risley and ask him about his experiences and observations when working with organizations who desire to develop a comprehensive AppSec Awareness Program ...
AppSec Training – Necessary, but not sufficient
It’s no secret that the earlier you discover security bugs in the software development life cycle (SDLC), the more time, money, and resources you will save. While making use of “reactive” security ...