A recent npm survey revealed that 77 percent of developers were concerned about the quality and security of the open source libraries they use, while 52 percent said the tools currently available were inadequate. Given the trust issues in open source and the ongoing discovery of website and application vulnerabilities, security should be top of […]
API Security: A Key Part of the Bigger Plan
Standing as the “fuel” powering the customer-driven platform revolution, application programming interfaces (APIs) are the new “it thing” amongst operating systems. APIs are responsible for how apps communicate with each other and have become key components in many digital transformation strategies. Serving as a set of tools for building software applications, they have empowered many […]
DevOps Chat: AppSec and DevSecOps with Contrast Security’s Jeff Williams
I have known of Jeff Williams in the security industry for more than several years. He is a well-respected thought leader in AppSec and OWASP. I finally got a chance to catch up with Jeff and talk with him about Contrast Security, the company he co-founded and how it is helping. In this DevOps Chat, […]
Security Testing: Reducing Resistance to Change in an Agile and DevOps World
Software development has evolved, but security testing has not. That has to change. In the bad, old days—which, sadly, many are still living in—security testing was tacked onto the end of the development process. Security testing hasn’t been a feature of software engineering for around 15 years now, since agile supplanted waterfall as the primary […]
Always-on Development: Why Continuous Delivery Relies on Security by Design
How continuous delivery can help organizations in their application security efforts. The old model of developing secure applications followed a structured, siloed, step-by-step process—build, check, release. Organizations’ desire for speed has forced development teams to ramp up their release cycles by any means necessary, even if it means bypassing incremental scanning for flaws that could […]
DevOps Chat: A New Take on Application Security with Portshift
Portshift brings a new identity-based application security model from code to runtime. Cloud or on-prem, Portshift works. In this DevOps Chat we speak with CEO Ran Ilany and VP Business Ops Eran Grabiner about what is unique to the Portshift solution and why you should consider it for your own application security, especially for your […]
You Have a Box: The Impact of Containers on DevOps
To continue the discussion from my last blog post, you have a box. Increasingly, you only have to ask, “What do we want to put in it?” It is interesting to see the growth and change in IT over time. The advent of containers is the focus of this particular blog, but there are many […]
DevSecOps and Development: Making the World Safer One Application at a Time
If you have been around software development much at all in the past five or 10 years, then you’ve certainly heard of DevOps and know it’s here to stay. And it is very likely that you have also heard the term “DevSecOps” even more recently. With today’s extensive proliferation of application capabilities being delivered through […]
Best Practices for Application Security Testing in the Era of DevOps and AI
Application security testing is no easy feat. And yet, it’s usually the first topic that most articles about application security address. The reasons are simple: As the pace of application development techniques (and their inevitable vulnerabilities) evolve, AppSec personnel have found themselves caught between the desire to keep pace with their management of security testing […]
Malicious Intent: Open Source Developers, Please Protect Your Users
For the second time in just a few weeks we’re seeing the fallout of missteps taken by publishers of open source components. It was just recently that I wrote about the GitHub id of go-bindata being hijacked. We don’t know for certain if the intentions were malicious, but the risk was obvious. Even more recently we find […]










