Intro to AppSec

For those new to application security, we cover the application security basics and answer questions such as what is application security, why it's important, how it fits in the security ecosystem and how to get started.

Presenting "Application Security Fallacies and Realities"

By Suzanne Ciccone December 16, 2015  | Intro to AppSec

When it comes to answering the questions "What is application security?" and "How does it work?", misunderstandings abound. Why is application security so misunderstood? Perhaps it’s because vulnerabilities are an abstract concept that hasn’t been explored in depth in the media or in software development coursework. Perhaps it’s because for years, network security and endpoint... READ MORE

Presenting the Ultimate Guide to Getting Started with Application Security

By Jessica Lavery December 10, 2015  | Intro to AppSec

Creating an Application Security Program Doesn’t Have to Be Like Climbing Everest

Creating an application security program can be a daunting task – especially when you are starting from scratch! When you are beginning with nothing, the idea of creating a comprehensive and advanced application security program must feel like standing at the bottom of Mount Everest with your North Face... READ MORE

3 Tips for a Better Quality Assurance Process

By John Montesi November 4, 2015  | Intro to AppSec

In the maddening race to deliver more products, faster, and at a higher quality than ever before, the stakes grow as technical debt soars. Many developers shorten or skip the quality assurance process to meet unreasonable demands, which leads to tension between security teams, product teams and the business. Here's a look at three ways to keep your quality assurance process thorough without... READ MORE

10 Common Security Vulnerabilities

By Evan Wade November 2, 2015  | Intro to AppSec

You don't need to be an expert to know that hacks, attacks and other digital security breaches are never a good thing. But one industry's annoyance is another industry's nightmare — and if you've read Veracode's "State of Software Security Report, Volume 6," then you know that most common security vulnerabilities are more frequent in some industries than others... READ MORE

The New Information Security Career Path for CISOs

By Pierluigi Paganini October 22, 2015  | Intro to AppSec

An organization's security posture is becoming a key success factor. As cybersecurity becomes more essential, the role of the chief information security officer (CISO) is rapidly evolving — and with it the information security career path. A recent Forrester report, entitled "Evolve To Become The 2018 CISO Or Face Extinction," highlights how the CISO role is shifting to that... READ MORE

Need a Better IT Organizational Structure? There's an "I" in "IT"

By Doug Bonderud October 21, 2015  | Intro to AppSec

Who's held responsible if company data is breached? According to Dark Reading, chief information security officers (CISOs) are a top pick — almost half of US CEOs and other C-suite execs say CISOs are accountable for IT security failures. But there's a problem, since only 38 percent believe CISOs should take charge of security strategy and purchasing decisions. Bottom line? This... READ MORE

Third-Party Application Security Risks in Modern Companies

By Pierluigi Paganini October 15, 2015  | Intro to AppSec

How do companies approach third-party application security? With more and more services and products relying on third parties to facilitate software development, that's an important question. Third-party code can have a significant impact on cybersecurity, introducing risks at the same time as it speeds up business processes. And if firms fail to take those risks seriously, the effects can be... READ MORE

To Understand How a Secure Application Layer Can Prevent Disaster, Look No Further Than 2014's High-Profile Cyberattacks

By John Montesi August 26, 2015  | Intro to AppSec

2014 was a good year for cybercriminals. Several marquee hacks cost corporations billions of dollars — and, as Veracode's "2014: The Year of the Application Layer Breach" ebook points out, almost all of them originated in the application layer. As businesses of all types become increasingly dependent on software, the number of potential vulnerabilities in their systems... READ MORE

Security Testing Is the Cheapest Way to Save a Billion Dollars

By John Montesi August 12, 2015  | Intro to AppSec

Everyone heard about the great Target credit-card hack of 2013. It was a nightmare scenario — a massive security breach came to light as Black Friday and the holiday shopping season began. A lack of comprehensive security testing resulted in a situation that caused damage to Target's reputation, with subsequent reparations totaling $148 million to date, according to the New York Times.... READ MORE

A Systematic Approach Yields More Benefits Than Just Security Compliance

By Evan Wade August 11, 2015  | Intro to AppSec

Regulations, such as those finance and healthcare must adhere to, are put in place to protect people's data. Patients, customers, employees and anyone else whose sensitive information is stored and transmitted generally don't like having it improperly handled. Makes sense, right? While real-world examples vary, and most sets of regulations cover far more than customer data alone, that... READ MORE
