Secure Code Warrior (SCW) today added an agent to its portfolio of application security that assesses the security competency of developers as they commit code to a repository.
Backslash Security Extends Reach of Application Security Platform
Making the Backslash application security platform even more secure with news of added support as well as a revamped, simpler user interface.
Survey Warns of Looming Software Testing Crisis
A survey of CEOs and IT professionals involved in application testing finds a significant gap in terms of how acceptable it is to release software that has not been properly tested. The survey, conducted by the market research firm Censuswide on behalf of Leapwork, a test automation platform provider, polled 480 CEOs in the U.S. […]
Rezilion Launches Vulnerability Prioritization Platform
Rezilion today announced general availability of a platform that enables DevOps teams to better prioritize remediation efforts by identifying which vulnerabilities both run in memory and actually impact a class or function that can be executed. Liran Tancman, Rezilion CEO, said the biggest DevSecOps challenge organizations face today is that the bulk of vulnerabilities that […]
DevSecOps Implementation: Dynamic Scans
This is the third installment in this series on DevSecOps. Read the first installment, on static analysis, here and the second installment, on source composition analysis, here. One weakness of static analysis is its failure to account for environment and use. Running static analysis on a code base as the only check before production deployment […]
DevSecOps Implementation: Source Composition Analysis
This is the second installment in this series on DevSecOps. Read the first installment, on Static Analysis, here. One of the better additions to security in recent years is source composition analysis (SCA). The purpose of SCA is to sit in the gap between static analysis and dynamic analysis to help you find issues introduced […]
Five Tips to Approach DevSecOps Training
Developers are on the front lines when it comes to protecting their organizations from cyberattacks. As we’ve seen with the hacks of Monster.com or the Fortnite vulnerability, 2019 has been a trying year for organizations who have failed to protect their applications and websites. With an increase of cyberthreats today, it is vital that organizations and developers incorporate standard […]