Managing AppSec

When your application security program is up and running, you need best-practice advice on managing and growing the program. Our security experts will guide you through important steps like measuring the success of your program or expanding it to cover more of the application landscape.

Podcast: AppSec's Effect on the Bottom Line

By Suzanne Ciccone March 21, 2018
How integrating security into the development lifecycle can boost profits.

Traditionally, most executives have thought of security as a necessary evil – an investment that was needed solely to avoid a bad outcome, but not something that would bring in new customers or boost revenue. But that seems to be changing. CA Technologies recently surveyed IT and business leaders to find out how well organizations are integrating security throughout the development process – a... READ MORE

Do IT Pros Consider Security When Purchasing Software?

By Suzanne Ciccone March 19, 2018
How to make security a competitive advantage

Traditionally, security was about cost avoidance. It was thought of like insurance – something you have to have in case something bad happens, but not something that would boost the bottom line or attract customers. But in today’s environment, we are increasingly seeing that security is about more than cost avoidance; done right, it creates a competitive advantage. The results of a recent IDG... READ MORE

Introducing CA Veracode Verified

By Asha May March 15, 2018
Get your app Verified.

Are you struggling to respond to customer and prospect concerns about the security of your application? Do you know what good application security looks like, or how to get there? CA Veracode is pleased to announce the CA Veracode Verified program. With CA Veracode Verified, you prove at a glance that you’ve made security a priority, and that your security program is backed by one of the most... READ MORE

Security: Create a Development Champion

By Suzanne Ciccone March 13, 2018  | Secure Development
How to create a development champion on the security team

We talk a lot about the need for development teams to create security champions. With the shift to DevOps – and the intersecting of development, security, and operations teams – development and security teams can no longer operate in their traditional silos. Each team needs to not only work closely together, but also have a much deeper understanding of each others’ pains, processes, and... READ MORE

How to Prevent a Breach From Spring Break

By Chris Wysopal March 8, 2018  | Managing AppSec
Spring Break Vulnerability

Spring Break, the latest named vulnerability, is more serious than the moniker implies. Spring Break is a critical remote code execution vulnerability in Pivotal Spring REST, one of the most popular frameworks for building web applications, and the effects of this vulnerability are widespread. A patch for Spring Break has been available since September of last year, but the vulnerability broke... READ MORE

What Executives Will Get Out of our DevSecOps Virtual Summit

By Joe Coletta February 27, 2018
What executives need to know about DevSecOps

Our economy is almost entirely digitized. Modern businesses rely on software to run their day-to-day operations, and, as such, innovation must meet the demands of an ever-evolving market. However, business leaders are at a crossroads when it comes to securing their digital assets. As organizations migrate towards development practices like DevOps, the need to produce software faster becomes as... READ MORE

Top 5 Ways to Get Developer Application Security Buy-In [VIDEO]

By Suzanne Ciccone February 26, 2018
How to get developer buy-in for your AppSec program

The speed and scope of software development today is creating new challenges in ensuring the security of software. But they also create the opportunity to finally get application security right. Both the challenge and the opportunity stem, in part, from the fact that security is “shifting left.” The responsibility for ensuring the stability and security of software through production and customer... READ MORE

NYDFS Cybersecurity Regulation Transition Period Ends

By John Zorabedian February 23, 2018  | Managing AppSec
NYDFS Cybersecurity Regulation

March 1, 2018 marks the end of the one-year transition period for the New York Department of Financial Services (NYDFS) cybersecurity regulation. The passage of this date means affected organizations — including banks, insurance companies, and other financial services companies licensed by or operating in New York State — must be in compliance with a raft of security rules intended to protect non... READ MORE

5 Essential Steps to Shift Security Left [VIDEO]

By Suzanne Ciccone February 8, 2018
How to shift security left in your development process.

Speed rules in software development today. The DevOps model means getting newer, better, faster into the hands of customers as quickly as possible is the name of the game. But where does that leave security? If it’s not done right -- overlooked or worked around. Done right -- it’s embedded into the software development process from day one, unobtrusively checking for and removing vulnerabilities... READ MORE

Top 5 AppSec Missteps

By Steven Wright February 2, 2018
The top AppSec mistakes we see our customers make

In my three-plus years working with enterprise clients to help grow and mature their application security programs, I have seen the gamut of well-run programs and not-so-well run programs.  For the not-so-well-run programs, it is often the same reasons why the program is not successful and not reaching higher maturity levels.  The following are the top 5 mistakes I see most often: 1. No... READ MORE
