Intro to AppSec

For those new to application security, we cover the application security basics and answer questions such as what is application security, why it's important, how it fits in the security ecosystem and how to get started.

Where AppSec has let me down

By Jeff Cratty February 24, 2016 | Intro to AppSec | Secure Development

There are a lot of great perks that come with being a developer.  On the upside, I enjoy the challenge of developing solutions to real world problems with peers in UX, PM, QA, Ops, etc.  I love the creative process and the energy a team has when we are firing in the same direction at the same time.  I love building the stuff and making the team hum.  I love that sense of... READ MORE

3 Steps To Getting Started With Web Application Security

By Suzanne Ciccone February 23, 2016  | Intro to AppSec

Companies are producing more applications today than ever before, and with this increased production comes increased risk.  Many enterprises recognize the need for application security but aren’t making it a priority.  This is usually because application security is mistakenly seen as an overly complex and expensive endeavor. What those responsible for securing the applications at... READ MORE

Why RASP is a Transformational Technology

By Joseph Feiman February 12, 2016  | Intro to AppSec

For the most part, new technology is evolutionary; it advances on the innovations of the past. An example of evolutionary technology in the security world would be the next-generation firewall. It advanced the technology already created to provide some new capabilities. Every so often, we see a technology that is innovative, and even rarer a truly transformational technology, or an innovation that... READ MORE

Where do vulnerabilities come from?

By Jessica Lavery February 11, 2016  | Intro to AppSec

I’ll tell you one thing, it isn’t the stork! It’s not the explicit fault of the developers either. Vulnerabilities come from a combination of insecure coding practices, an ever-shifting threat landscape, the use of vulnerable components and code and idiosyncrasies of programming languages. And despite the growing reliance on and risks related to software, these problems persist... READ MORE

What is real-time security and why it is needed

By Joseph Feiman January 29, 2016  | Intro to AppSec

Application security has emerged, evolved, matured and been adopted at the programming and testing phases of the application lifecycle, not at its operation phase. Technologies for application protection at the operation phase have been adopted to a lesser degree, and even then they are only adopted with some stipulation. This can be explained. Adopting application assessment/... READ MORE

How AppSec Fits into an Information Security Program

By Doug Bonderud January 28, 2016  | Intro to AppSec

Want a better information security program? Most companies do and are willing to spend big money on safeguarding critical systems. As noted by Infosecurity Magazine, Allied Market Research predicts huge growth in the hardware encryption market, with a CAGR of more than 50 percent and a net value of almost $300 billion by 2020. But locking down data at rest and in... READ MORE

What Is Application Security?

By Jessica Lavery January 20, 2016  | Intro to AppSec

The past few years have seen a tremendous increase in the number and severity of successful attacks aimed at the application layer. In fact, recent studies indicate that attacks on the application layer are growing by more than 25 percent annually (Akamai Q3 2015 State of the Internet - Security Report). The news headlines are filled with... READ MORE

Why Doesn’t Application Security Get Enough Attention?

By Jessica Lavery January 19, 2016  | Intro to AppSec

It is almost impossible to comprehend why application security isn’t getting more attention. In 2014 alone, there were eight major breaches through the application layer, resulting in more than 450 million personal or financial records stolen. And we aren’t talking about small breaches at companies no one has heard of. Target, JPMorgan Chase, Community... READ MORE

Interactions, Trust, and Google Chrome

By Glenn Norman January 14, 2016  | Intro to AppSec

“There are two ways you can do application security” sounds like the setup line for a joke, doesn't it? Method 1 is what the majority says you're supposed to do, or at least what “best practices” tells you to do. Let's call that Method 1. Method 1 is the popular way to do network, system and application security... READ MORE

Application Security Buy-in and the Obligatory Exercise Analogy

By January 13, 2016  | Managing AppSec

Who doesn’t love a good analogy? Yes, they are trite, especially when making comparisons to exercise or good health habits. Which is why I am going to do exactly that! It’s the obligatory January, “let’s-compare-everything-to-exercise” analogy. Go with me for a minute. Isn’t getting started with application security exactly like getting started with a new exercise program? It is overwhelming... READ MORE
