Managing AppSec

When your application security program is up and running, you need best-practice advice on managing and growing the program. Our security experts will guide you through important steps like measuring the success of your program or expanding it to cover more of the application landscape.

Security Team – Here Are 5 Things I Need From You

By Jeff Cratty February 3, 2016  | Managing AppSec

A developer’s perspective on security teams coming in at the last minute to impose requirements on the development team. First things first, I am by training, occupation, and birthright a DEVELOPER (yeah, I just screamed that and yeah I said “birthright”)! I was born this way, and if I didn’t love this stuff, there is no way I’d be capable of doing my job. This job... READ MORE

How We Worked with Our Development Team to Make Security a Differentiator

By Hailey Pobanz January 21, 2016  | Managing AppSec

Starting an application security program at our mobile app company was becoming an inevitability. Yet, there were still groups within the company that didn’t see the value or thought starting a full-scale program wasn’t worth the effort. My challenge – in addition to developing a strategy that reduced risk and didn’t slow down the development processes – was to make... READ MORE

AppSec in Healthcare: Defending Patient Data

By Eric Seymour January 21, 2016  | Managing AppSec

As a single healthcare record brings nearly 10 times the value of a stolen credit-card number, combined with the competitive differentiation of healthcare intellectual property (drug or device development, billing processes, care procedures, etc.), it’s no wonder cyberattackers are increasingly targeting healthcare providers. The rapidly expanding IT footprint, a bottoms-up technology... READ MORE

6 Tips for Turning Developers Into AppSec Allies

By Suzanne Ciccone January 14, 2016
Getting along with developers.

The development team can be the biggest barrier to the success of your application security (AppSec) program. If this team does not follow the protocol outlined in your program plan, you will be unable to demonstrate the value of your program, and it could stall before getting started. Background: Security and development often seem to have competing priorities – delivering code on time vs.... READ MORE

Application Security Buy-in and the Obligatory Exercise Analogy

By Rachel Nislick January 13, 2016  | Managing AppSec

Who doesn’t love a good analogy? Yes, they are trite, especially when making comparisons to exercise or good health habits. Which is why I am going to do exactly that! It’s the obligatory January, “let’s-compare-everything-to-exercise” analogy. Go with me for a minute. Isn’t getting started with application security exactly like getting started with a new... READ MORE

3 Ways to Get Your Development Team on Board with Application Security

Protecting enterprise data and assets is a daunting task. According to IT industry organization ISACA, 82 percent of respondents to an April 2015 survey indicated that their enterprise is now "likely" or "very likely" to be attacked — only 1 percent said it's "not at all likely." Meanwhile, the average annual... READ MORE

Cracking the Code on Application Security Buy-in

By Jessica Lavery January 7, 2016  | Managing AppSec

Application security is unlike other forms of IT security in several ways. One of the reasons it is so unique, and at times difficult, is because it is a project that never ends. With other forms of security, you implement a great solution, create your rules, and then monitor and tweak when necessary. These types of security don’t typically require creating a new set of protocols or a... READ MORE

What Causes An Information Security Program to Fail?

By Pierluigi Paganini December 18, 2015  | Managing AppSec

Most successful, high-profile security incidents are caused by the failure of an information security program. In many cases, the exploitation of a vulnerability in an application is the root cause of major attacks. In recent years, the number of successful cyberattacks has been consistently increasing, and data breaches represent a large percentage of these offensives. More than one-third of... READ MORE

Checklist for Creating an Application Security Program

By Jessica Lavery December 17, 2015  | Managing AppSec

As we know, creating an application security program can be a daunting task. Yet many companies have been successful by creating a plan for implementing a program that is broken up into manageable chunks. But once you’ve decided that you must implement an advanced program at your company, how do you know where to start? This checklist provides a practical guide for creating your application... READ MORE

Why Application Security Programs Fail

By Jessica Lavery December 17, 2015  | Managing AppSec

The main hurdle that prohibits organizations from embarking on an advanced application security program is knowing where to start. But once you’ve figured out your starting point and your key metrics, and worked with groups in your enterprise to create a strategy, your program still isn’t guaranteed to be a success. There... READ MORE
