Managing AppSec

When your application security program is up and running, you need best-practice advice on managing and growing the program. Our security experts will guide you through important steps like measuring the success of your program or expanding it to cover more of the application landscape.

A Pragmatic Approach to Leveraging WAF and RASP

By Joe Pelletier February 16, 2016  | Managing AppSec

Updated: 7/18/2017. Runtime Application Self-Protection (RASP) is a revolutionary technology that aims at improving application security. RASP integrates monitoring and protection as part of the deployment of web applications making it the first technology to provide protection in real-time. RASP is a new technology with the promise of improving application security by enabling applications...

Why Ignoring Development and Security Teams Undermines Application Security

By Suzanne Ciccone February 11, 2016  | Managing AppSec

In an era of increasingly sophisticated data hacks and attacks, there's a critical need to move beyond protecting your business’s perimeter. To thoroughly safeguard your organization, your enterprise must adopt an approach that addresses systems and software throughout their lifecycles. A key piece of this strategic approach? Application security. According...

How to Train a Globally Distributed Development Team

By Amanda Lee February 10, 2016  | Managing AppSec | Secure Development

How companies with successful AppSec programs train globally distributed teams on secure development practices and security guidelines. Every large organization now has a complex and globally distributed software development process. It doesn’t matter whether your developers are in-house or out-sourced; based in Bangalore or Boston, the expectation is that quality, bug-free, secure software...

Quick Wins: Get Defensive About App Security | CA Veracode

By Suzanne Ciccone February 8, 2016  | Managing AppSec

Application security differs from other forms of security in the number of people it affects. Unlike installing a firewall or anti-virus software, an application security program will affect the everyday routines of many employees in many departments throughout your organization. And you need those employees to buy-in to the goals and policies of your program for it to succeed. Want a good way to...

Security Team – Here Are 5 Things I Need From You

By Jeff Cratty February 3, 2016  | Managing AppSec

A developer’s perspective on security teams coming in at the last minute to impose requirements on the development team. First things first, I am by training, occupation, and birthright a DEVELOPER (yeah, I just screamed that and yeah I said “birthright”)! I was born this way, and if I didn’t love this stuff, there is no way I’d be capable of doing my job. This job...

How We Worked with Our Development Team to Make Security a Differentiator

By Hailey Pobanz January 21, 2016  | Managing AppSec

Starting an application security program at our mobile app company was becoming an inevitability. Yet, there were still groups within the company that didn’t see the value or thought starting a full-scale program wasn’t worth the effort. My challenge – in addition to developing a strategy that reduced risk and didn’t slow down the development processes – was to make...

AppSec in Healthcare: Defending Patient Data

By Eric Seymour January 21, 2016  | Managing AppSec

As a single healthcare record brings nearly 10 times the value of a stolen credit-card number, combined with the competitive differentiation of healthcare intellectual property (drug or device development, billing processes, care procedures, etc.), it’s no wonder cyberattackers are increasingly targeting healthcare providers. The rapidly expanding IT footprint, a bottoms-up technology...

6 Tips for Turning Developers Into AppSec Allies

By Suzanne Ciccone January 14, 2016
Getting along with developers.

The development team can be the biggest barrier to the success of your application security (AppSec) program. If this team does not follow the protocol outlined in your program plan, you will be unable to demonstrate the value of your program, and it could stall before getting started. Background: Security and development often seem to have competing priorities – delivering code on time vs....

Application Security Buy-in and the Obligatory Exercise Analogy

By Rachel Nislick January 13, 2016  | Managing AppSec

Who doesn’t love a good analogy? Yes, they are trite, especially when making comparisons to exercise or good health habits. Which is why I am going to do exactly that! It’s the obligatory January, “let’s-compare-everything-to-exercise” analogy. Go with me for a minute. Isn’t getting started with application security exactly like getting started with a new...

3 Ways to Get Your Development Team on Board with Application Security

Protecting enterprise data and assets is a daunting task. According to IT industry organization ISACA, 82 percent of respondents to an April 2015 survey indicated that their enterprise is now "likely" or "very likely" to be attacked — only 1 percent said it's "not at all likely." Meanwhile, the average annual...
