Intro to AppSec

For those new to application security, we cover the application security basics and answer questions such as what is application security, why it's important, how it fits in the security ecosystem and how to get started.

Don't Let AppSec Misconceptions Lead You Astray

ppaganini's picture
By Pierluigi Paganini December 17, 2015  | Intro to AppSec

When it comes to application security in a workplace, one of the main challenges is due to the misconception that it's hard to implement and very difficult to maintain. This fallacy mainly derives from a lack of awareness regarding cyberthreats and the correct way to mitigate them. AppSec represents a challenge for any organization because in the majority of cases, internal personnel aren... READ MORE

The Top 6 App Security Myths and Why You Can't Believe Them

jmontesi's picture
By John Montesi December 16, 2015  | Intro to AppSec

Application security is hardly the hottest topic around most water coolers. That hasn't stopped several app security myths from developing and spiraling out of control. Before one more person tells you that basic antivirus software can prevent all types of malicious hacking, drop everything you're doing and read this list of the top six AppSec myths. 1. It's too expensive. We've... READ MORE

Presenting "Application Security Fallacies and Realities"

sciccone's picture
By Suzanne Ciccone December 16, 2015  | Intro to AppSec

When it comes to answering the questions, what is application security, and how does it work?, misunderstandings abound. Why is application security so misunderstood? Perhaps it’s because vulnerabilities are an abstract concept that hasn’t been explored in depth in the media or in software development coursework. Perhaps it’s because for years, network security and endpoint... READ MORE

Presenting the Ultimate Guide to Getting Started with Application Security

jlavery's picture
By Jessica Lavery December 10, 2015  | Intro to AppSec

Creating an Application Security Program Doesn’t Have to Be Like Climbing Everest Creating an application security program can be a daunting task – especially when you are starting from scratch! When you are beginning with nothing, the idea of creating a comprehensive and advanced application security program must feel like standing at the bottom of Mount Everest with your North Face... READ MORE

The case for anonymous case studies

jlavery's picture
By Jessica Lavery December 10, 2015  | Managing AppSec

When beginning your application security journey, one of the most valuable actions you can take is to learn from the experiences of those who have gone before you. Yet the sensitive nature of security and the fear of becoming a target of hackers have led most enterprises to resist sharing their stories publicly. Some have shared their tales in closed-door meetings and exclusive events like the... READ MORE

3 Tips for a Better Quality Assurance Process

jmontesi's picture
By John Montesi November 4, 2015  | Intro to AppSec

In the maddening race to deliver more products, faster, and at a higher quality than ever before, the stakes grow as technical debt soars. Many developers shorten or skip the quality assurance process to meet unreasonable demands, which leads to tension between security teams, product teams and the business. Here's a look at three ways to keep your quality assurance process thorough without... READ MORE

10 Common Security Vulnerabilities

ewade's picture
By Evan Wade November 2, 2015  | Intro to AppSec

You don't need to be an expert to know that hacks, attacks and other digital security breaches are never a good thing. But one industry's annoyance is another industry's nightmare — and if you've read Veracode's "State of Software Security Report, Volume 6," then you know that most common security vulnerabilities are more frequent in some industries than others... READ MORE

The New Information Security Career Path for CISOs

ppaganini's picture
By Pierluigi Paganini October 22, 2015  | Intro to AppSec

An organization's security posture is becoming a key success factor. As cybersecurity becomes more essential, the role of the chief information security officer (CISO) is rapidly evolving — and with it the information security career path. A recent Forrester report, entitled "Evolve To Become The 2018 CISO Or Face Extinction," highlights how the CISO role is shifting to that... READ MORE

Need a Better IT Organizational Structure? There's an "I" in "IT"

dbonderud's picture
By Doug Bonderud October 21, 2015  | Intro to AppSec

Who's held responsible if company data is breached? According to Dark Reading, chief information security officers (CISOs) are a top pick — almost half of US CEOs and other C-suite execs say CISOs are accountable for IT security failures. But there's a problem, since only 38 percent believe CISOs should take charge of security strategy and purchasing decisions. Bottom line? This... READ MORE

Third-Party Application Security Risks in Modern Companies

ppaganini's picture
By Pierluigi Paganini October 15, 2015  | Intro to AppSec

How do companies approach third-party application security? With more and more services and products relying on third parties to facilitate software development, that's an important question. Third-party code can have a significant impact on cybersecurity, introducing risks at the same time as it speeds up business processes. And if firms fail to take those risks seriously, the effects can be... READ MORE

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.




contact menu