Secure Development

We'll walk you through the critical step of integrating security into the software development lifecycle (SDLC). You'll hear from the experts on everything from working with developers, to the best ways to assess code for security and the latest development trends and technologies.

Evolution Toward DevSecOps: Failures and Successes

By Joseph Feiman September 13, 2016  | Secure Development

As we outlined in the previous blog post, DevOps is in danger of not being properly secured unless it adopts technologies specifically designed for that purpose. Traditional application security technologies were not designed to work in a DevOps environment. Even from the DevOps name, it is obvious that DevOps-enabling tools should be designed for Development and Operations specialists. And for some... READ MORE

If Security Isn't A Priority For Appdev, What Chance Does A Deployed App Have?

By Evan Schuman September 1, 2016  | Secure Development
Educating developers about secure coding should be built in from the start.

One of the biggest security threats is that enterprise mobile app testing is overwhelmingly focused on functionality and not security. Pen testing of apps to see what data they—or some third-party app it is integrated with—are actually retaining is hardly ever done prior to deployment, if then. Why? It's simply not in the mindset of line-of-business managers. They want/need the... READ MORE

How Developers Can Go From Mercenaries to Masters of Their Domain

By Pete Chestna August 17, 2016  | Secure Development
A modern developer working in a devops environment needs many skills.

If you’re a developer like me, you’ve probably had more than a few jobs over the years. In today’s business climate, developers are like 21st century mercenaries: pursued by company after company, enticed by hotter jobs, cooler projects and – of course – bigger salaries. Staying anywhere more than two years is unusual. It’s a sellers’ market if you’... READ MORE

Developer Sandbox Secures Apps Early in the Software Lifecycle, Speeding Time to Market

Regardless of where your development team is in the DevOps journey, you’re likely aware that detecting and fixing quality issues as early in the software development lifecycle (SDLC) as possible increases efficiency and reduces costs. Today, development teams are running static assessments during the integration and even code stages, giving developers more time to fix policy-violating flaws... READ MORE

How Do You Avoid Paying a Ransom?

By Sue Poremba July 18, 2016  | Security News

Take Steps to Protect the Data before the Ransomware Attack Happens

In a recent study conducted by Radware, C-level executives revealed that they had no interest in paying up if their network was hit by ransomware, but that response came before they were locked out from their data. Once they were actually attacked, nearly half of those executives admitted they have, indeed, paid the ransom. The... READ MORE

Think Your Data Leaks Are Limited To Your Databases? Think Again

By Evan Schuman July 7, 2016  | Security News

Security professionals spend an awful lot of time trying to protect sensitive corporate information, locking it away in virtual vaults, as they should. But they often neglect to protect the people who have the keys/combinations to those virtual vaults—in some cases, protecting those key-holders from themselves. This comes to mind as a recent story in The Intercept reminded us of how easy we often... READ MORE

Until We Prioritize Security Training, We Will Remain a Step Behind Cybercriminals

By Jessica Lavery June 22, 2016  | Secure Development

Where is your security money going? Typically, it lives at the edges of the network, in operations land. The big spends on items and services such as log aggregators and organizers, firewalls, and penetration testing are generally trusted buys. These are tried-and-true tactics that have withstood the tests of time. But time, as it were, has claimed many a security system. From the low-tech... READ MORE

Optimizing Software Management with a DevSecOps Approach

By Jessica Lavery June 15, 2016  | Secure Development

Let’s face it, building software is difficult. It’s mental gymnastics. When your developers are working hard, they’ve likely got at least two hours of ramp up time behind them. Bother them during their meditative state, and you’re resetting that clock, losing hours of potential work. There’s a flow to programming, and when you’re in the zone, the code comes quite freely. It’s those moments when... READ MORE

5 Things Devs Wish CISOs Knew About DevOps

The rapid adoption of DevOps practices in the enterprise has forced a lot of CISOs to rethink their security playbooks. Gone are the days of testing for security once software engineers are done developing a piece of software. With rapid iterations and continuous delivery of software, there is no "done" anymore. Additionally, the fast-paced DevOps model gives engineers the power to... READ MORE

What Kind of Tools Do You Need to Secure Your Mobile Apps?

By David Strom May 3, 2016  | Secure Development

The days when everyone is chained to a fixed desktop computer are long over. But it isn’t just about being more mobile, or using more mobile devices, or letting your users bring their own devices and use them at work. It isn’t that the workday is no longer 9-to-5 and users expect to get their jobs done whenever and wherever they might be in the world. No, it is about moving to a completely new... READ MORE
