Doug Bonderud

Doug Bonderud is a freelance writer passionate about the evolution of technology and its impact on companies, stakeholders and end-users alike. Want to know more? Follow Doug on Twitter.

Posts by Doug Bonderud
  • Sure, the KISS rule ("Keep it simple, stupid!") sounds a little harsh, but it's an easy way to remember a universal truth: Processes work best when they aren't overly complicated. One area at risk of overcomplication is application security. This isn't surprising — bugs like Bash and Heartbleed, along with flaws such as the Misfortune Cookie or GHOST, seem to pop up at… READ MORE

  • Agile isn't enough on its own. While this method of software development offers speed, security and stability, it's not perfect. The problem? It's often tied to ingrained organizational communication structures, which in turn have serious impacts on the way software is designed, tested and rolled out. The solution? Cross-functional teams that go beyond traditional borders. Here's… READ MORE

  • The Internet of Things (IoT) promises a host of benefits for companies, but as security experts have been quick to warn, it also brings a great deal of risk. Case in point? "Misfortune Cookie," a flaw discovered by Check Point Software that puts 12 million internet-connected devices in danger. The cookie has already left a bad taste in the mouths of IT professionals — but is it… READ MORE

  • iOS devices are immune to malware — or at least, that's what Apple would have your enterprise believe. There's some truth to the claim, since malicious actors historically targeted open-source platforms such as Android instead of the closed ecosystems of iPhones and iPads. But as common sense dictates, it was only a matter of time before they found a serious iOS security flaw. Enter… READ MORE

  • It is six times as expensive to fix an app vulnerability in production as to fix one in development, according to a recent Veracode webinar. This shouldn't come as a surprise: developers test for functional and performance bugs early in the Software Development Life Cycle (SDLC). So it makes sense that people producing code are doing security testing early, they're testing often… READ MORE

  • Insurance isn't exciting. It doesn't generate noteworthy buzz or media interest — and for most companies, insurance policies are signed, stored and then forgotten unless absolutely needed. But emerging IT security threats such as Shellshock and the recurring Backoff malware have prompted significant growth in the cyber insurance market. Insurance for web application developers is one unique area… READ MORE

  • If software composition analysis is the key ingredient in your application development recipe, coding standards will make it rise. When baked into every step of the agile development process, they give you a leg up on functionality, testing and — perhaps most importantly — security. With too many companies now skipping the standards and trying purely for speed, it's worth… READ MORE

  • The Internet-of-Things (IoT) concept has been making the technology rounds for several years. Today, big businesses and small companies are getting on board with the notion that a host of tiny, interconnected devices could pave the way to some kind of low-cost, highly agile Utopia. However, as Dave Lewis of Forbes noted, IoT security should emerge as a critical field as IoT becomes a reality. Yet… READ MORE

  • According to recent data from MarketsandMarkets, the market for portable medical devices will be worth $20 billion by 2018. One key factor in this growth is the "availability of a wide range of medical software applications" that allows manufacturers and health agencies to custom-design medical devices to meet specific needs. The US Food and Drug Administration (FDA), meanwhile, has… READ MORE

  • In late September, Shellshock exploded, becoming the internet's newest "big problem." Stemming from a flaw in Bash — the default shell for OS X and Linux, and often installed on Windows-based devices as well — the vulnerability caused a wave of panic, exploits and, subsequently, patches to fix this 25-year-old problem. But this is just the latest in a series of threats… READ MORE
