Evan Wade

Evan Wade is a professional freelance writer, author, and editor from Indianapolis. His time as a sales consultant with AT&T, combined with his current work as a tech reporter, gives him unique insight into the world of mobile/Web security and the steps needed to properly secure software products. Follow him on Twitter.
Posts by Evan Wade

Concepts, Events and AppSec: What Does Your Training Focus On?

December 10, 2014

The difference between applied and reactive training is huge in the field of software development, especially when AppSec is involved. I'm a big fan of the "applied learning" side of the equation, at least as it relates to security. In his article, "The 7 Deadly Sins of Application Security," 20-year industry vet and Aspect Security CTO and co-founder Jeff Williams nails... READ MORE

Third-Party Compliance Is Vital — and Starts with Early Action

November 24, 2014

Compliance. As with standards, the concept rests firmly between "must do" and "maddening" for businesses and the companies that develop software for them. As the software supply chain becomes more complex, the lists of requirements and regulations an app must abide by get longer and longer — complicating the otherwise simple act of following the rules. No matter the... READ MORE

Develop a Culture of Application Security: Our 4-Step Road Map

November 21, 2014

Application security isn't just a list of practices or a set of rules to go by — it's a state of mind. Even if that sounds hokey, it's also absolutely, totally, 100 percent true. Without the proper culture instilled at an office-wide level, no cutting-edge protocols or best practices can save you from introducing security flaws into your work. The good news is that AppSec can be... READ MORE

Prevent Web Application Vulnerabilities by Testing Early

November 14, 2014 | Intro to AppSec

An exploit is not an exploit is not an exploit. Though many abusable web application vulnerabilities ostensibly come with the same goal in mind — namely, letting malicious jerks access all sorts of sensitive data — the various roads they take to reach that end are nearly as wide and varied as the types of software they attack. Here's a look at three well-known web application... READ MORE

How Agile Development, Automation and Security Can Work Together

October 28, 2014

Cutting corners is rarely good business. Whether you're flipping burgers, schmoozing clients or practicing law, taking the short route in your industry will almost always make someone angry. Take software, an industry governed by (generally) stringent standards and high-paying clients. Agile development, an ever-growing practice that ranges somewhere... READ MORE

Say "No" to More Security Testing Tools: 5 Reasons Less Is (Often) More

September 30, 2014

Security testing tools can be godsends for software developers and the quality assurance teams that support them. Automation is a big thing in this world of incremental releases and instant gratification, after all, and digital security for mobile and Web apps is just as large a concern as it's ever been. Tools allow us to achieve the former... READ MORE

Is Protecting Against SQL Injection (and Other Issues) Worth $2.6 Million?

September 19, 2014 | Security News

It's not exactly earth-shattering news: businesses like having (and making!) money. And it's likely no surprise that many companies achieve that goal in part by handling their operational costs as efficiently as possible. Whether they're selling cheeseburgers or slinging software, close attention paid to the cost of doing business is... READ MORE

The Globalization of Security Testing: A World of Good (Standards)

September 17, 2014

Surely and not-so-slowly, the concept of "internationality" is disappearing — at least in terms of the free exchange of information — and the tiny, expensive devices in our pockets and purses are leading the charge. For end users, the benefits of global information access are as obvious as they are numerous, especially thanks to apps such as Word Lens that... READ MORE

Not Just a Buzzword: Achieving Security Awareness Across an Organization

September 15, 2014

There's a reason digital security and privacy concerns are more prevalent in the minds of end users than they've ever been. When your entire life is stored on a pocket-sized device designed to access other devices and networks, the thought of a stranger gaining access is horrifying. Personal photographs, bank accounts, private correspondences with... READ MORE

Security Assessment, Speed — and the Death of Mutual Exclusivity

September 12, 2014

Maintaining focus is important, but priorities shift. Those seven words sum up a conflict as old as time in the world of software development, where sharpening focus in one area inevitably causes a need for improvement in another. If anything, it's a testament to the cyclical nature of development as a whole: Any change, from a shift in methodology to implementation of new technology, can... READ MORE
