Beating application security cost cuts in continuously uncertain times

After briefly stirring into life as Covid restrictions were lifted, companies and entire economies are again stepping on the brakes as they brace for yet another “current situation.” At the same time, ...
Invicti at Black Hat 2022

Black Hat 2022: from cyberwarfare to the rise of RCE

Black Hat 2022 is coming to a close, and we’re leaving the conference with fresh industry insights, new contacts, and ideas for the future of DevSecOps. While we couldn’t see it all, ...

Struggling to build DevSecOps? Security champions can save your day

What’s in a name? If you’re a security champion, a lot. These security-minded men and women hold information-sharing power within an organization. They work daily to relay essential updates, surface and resolve ...

Buried under security debt? Here’s how to dig yourself out to improve security posture

Security debt, like all technical debt, slows software production and also increases risk. The good news is that once you understand your threat landscape, you can start paying down that debt. Invicti’s ...

Rethinking web application security best practices

Web app security has gone from a niche area of cybersecurity to a crucial aspect of minimizing security risks to businesses and entire economies. As web development expands and accelerates in an ...
DAST vs. SAST: Fact check on static and dynamic application security testing

DAST vs. SAST: Fact check on static and dynamic application security testing

Getting lost in the AppSec acronyms and vendor claims? Here’s a quick guide to what the major web application security testing technologies can and cannot do – and why you should be ...

Why the Log4Shell vulnerability will never become yesterday’s news

On July 11, 2022, the Cyber Safety Review Board (CSRB) published a report on Log4Shelstating that organizations should be prepared to address Log4j vulnerabilities for years to come. We're taking a look ...

New DoJ review urges zero trust adoption to fortify security posture

The US Department of Justice has released a report outlining the progress in achieving cybersecurity goals set by the Biden Administration’s Executive Order on cybersecurity. The report also includes guidance for adopting ...
Perception Point API data security Salesforce AppSec Changing Face of Web Application Security

Perception Point Makes Securing Browsers Simpler

Perception Point this week launched an alternative approach to creating sandboxes on Chrome and Microsoft Edge browsers that isolates browser sessions from potential web threats. Perception Point Advanced Browser Security leverages the ...
Security Boulevard
The Culture Blindspot: Harmonizing DevSecOps Helps Curb Burnout - Sonali Shah - RSA22 #2

Four features of modern AppSec that help curb cybersecurity burnout

In the race to innovation, security is often the victim of difficult time-saving decisions. Those decisions (or lack thereof) cause unnecessary stress for DevSecOps teams working to build secure, innovative applications as ...