Applications, Development, Engineering and SDLC

How to make your developer organization more efficient

CIO Business Intelligence

SEPTEMBER 1, 2023

Developers are hired for their coding skills, but often spend too much time on information-finding, setup tasks, and manual processes. To combat wasted time and effort, Discover® Financial Services championed a few initiatives to help developers get back to what they do best: developing. The result?

Development

Development How To SDLC Engineering

Beyond DevSecOps: Why fintech companies need to consider DevSecRegOps

CIO Business Intelligence

OCTOBER 31, 2023

DevSecOps refers to development, security, and operations. As a practice, DevSecOps is a way to engrain practices in your SDLC that ensures security becomes a shared responsibility throughout the IT lifecycle. Visit Discover Technology to learn how Discover developers approach application development.

Company

Company SDLC Meeting Banking

10 Stages of the software development lifecycle for startups

Dataconomy

APRIL 5, 2024

Creating apps for startups is primarily the carefully thought-out tasks that make up the software development process. Let’s take a closer look at the key stages of software development for startups. The main stages of the software development life cycle include: 1. Idea Any software development starts with an idea.

Software Development

Software Development Software Software Development

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

Don’t Get Left Behind: Leveraging Modern Product Management Across the Organization

MORE WEBINARS

Safeguarding Ethical Development in ChatGPT and Other LLMs

SecureWorld News

AUGUST 7, 2023

This first installment is "Safeguarding Ethical Development in ChatGPT and Other LLMs through a Comprehensive Approach: Integrating Security, Psychological Considerations, and Governance." Consider a scenario where prompt engineering abuse, specifically the introduction of DAN 13.5 People/consumers drive development, not developers.

Development

Development SDLC Security Tools

What Are Security Guardrails? Why Do They Matter to Your AppSec Program?

SecureWorld News

MAY 19, 2022

The wide adoption of cloud-native applications and infrastructure has propelled DevOps and a self-service culture enabling developers to go from code to cloud in hours. Security teams are entirely unprepared to govern and secure the modern SDLC in this agile world. Why security guardrails are essential for secure development.

SDLC

SDLC Security Programming Devops

Need for Speed Drives Security-as-a-Service

CIO Business Intelligence

JULY 6, 2023

DDoS attacks that target networks, applications, and APIs can seemingly come out of nowhere. In fact, 42% of SECaaS adopters in F5’s 2023 State of Application Strategy survey cited speed as the main driver. Lori MacVittie, F5 Distinguished Engineer, explains. Zero Trust

Security

Security SDLC Survey Software Development

Why Fuzz Testing Is Indispensable: Billy Rios

ForAllSecure

SEPTEMBER 2, 2021

I recently spoke to Gartner on the addition of fuzz testing to their Critical Capabilities for the Application Security Testing Magic Quadrant. He has led security engineering and product security programs at organizations with the most advanced fuzz testing programs, such as Google and Microsoft. They’re just too valuable.

SDLC

SDLC Programming Applications Security

Your AST Guide for the Disenchanted: Part 5

ForAllSecure

OCTOBER 20, 2020

Developers are creative, brilliant people. They solve intricate problems by writing applications. Although they are talented individuals who possess many skills, they are not security engineers. Coding works similarly; The applicability of coding rules largely depends on context. Grammar is an excellent analogy.

SDLC

SDLC Applications Development Security

Your AST Guide for the Disenchanted: Part 5

ForAllSecure

OCTOBER 20, 2020

Developers are creative, brilliant people. They solve intricate problems by writing applications. Although they are talented individuals who possess many skills, they are not security engineers. Coding works similarly; The applicability of coding rules largely depends on context. Grammar is an excellent analogy.

SDLC

SDLC Applications Security Development

Your AST Guide for the Disenchanted: Part 5

ForAllSecure

OCTOBER 20, 2020

Developers are creative, brilliant people. They solve intricate problems by writing applications. Although they are talented individuals who possess many skills, they are not security engineers. Coding works similarly; The applicability of coding rules largely depends on context. Grammar is an excellent analogy.

SDLC

SDLC Applications Security Development

Fuzzing with Biden's Executive Order 14028

ForAllSecure

AUGUST 31, 2021

After President Biden issued an Executive Order 14028 to improve the Nation’s cybersecurity posture, the National Institute of Standards and Technology (NISA) published the minimum recommendations for verification of code by developers. Mayhem automatically notifies you if your application is not protected with any of these checks.

SDLC

SDLC Analysis Engineering Applications

What CEOs really need from today’s CIOs

CIO Business Intelligence

AUGUST 3, 2022

To help determine where IT should stop and IoT product engineering should start, Kershaw did not call CIOs of other food and agricultural businesses to compare notes. But don’t attempt to create a modern software development lifecycle (SDLC) on an industrial era infrastructure. The cloud.

Architecture

Architecture Software Software Cloud

Key Takeaways From ForAllSecure's, “Achieving Development Speed And Code Quality With Behavior Testing” Webinar

ForAllSecure

AUGUST 21, 2019

In ForAllSecure’s latest webinar on “Achieving Development Speed and Code Quality with Behavior Testing (Next-Generation Fuzzing)”, Brumley unveils a next-generation dynamic testing technique that security teams trust and developers can love. Accuracy and reproducibility are key to enhancing developer productivity.

Development

Development Security Applications Devops

Key Takeaways From ForAllSecure's, “Achieving Development Speed And Code Quality With Behavior Testing” Webinar

ForAllSecure

AUGUST 21, 2019

In ForAllSecure’s latest webinar on “Achieving Development Speed and Code Quality with Behavior Testing (Next-Generation Fuzzing)”, Brumley unveils a next-generation dynamic testing technique that security teams trust and developers can love. Accuracy and reproducibility are key to enhancing developer productivity.

Development

Development Security Applications Devops

KEY TAKEAWAYS FROM FORALLSECURE’S, “ACHIEVING DEVELOPMENT SPEED AND CODE QUALITY WITH NEXT-GENERATION FUZZING” WEBINAR

ForAllSecure

AUGUST 21, 2019

In ForAllSecure’s latest webinar on “Achieving Development Speed and Code Quality with Behavior Testing (Next-Generation Fuzzing)”, Brumley unveils a next-generation dynamic testing technique that security teams trust and developers can love. Accuracy and reproducibility are key to enhancing developer productivity.

Development

Development Security Applications Devops

Software is Infrastructure

ForAllSecure

OCTOBER 23, 2019

The problem is that the processes which we’ve developed to deal with the challenges of modern software development have in general not yet reached the level of maturity required for systems where life and death are at stake. The application of SA is further complicated by the ever increasing size of code bases.

Software

Software Software Analysis Programming

Meet The Team Behind Mayhem: Come See Us At These Upcoming April 2023 Events

ForAllSecure

MARCH 31, 2023

Set up a meeting with us during the conference to learn more about how Mayhem makes security testing easy for development teams. ‍ Developers and security professionals are always making trade-offs between competing priorities. Development Speed or Code Security. Register for the RSA Conference here. Why Not Both?

Meeting

Meeting Automotive Open Source Devops

Breaking Down the Product Benefits

ForAllSecure

JANUARY 21, 2021

Ownership over application test suites is a driving purchasing requirement for some organizations, especially for those who are maturing their application security processes. These test suites are not custom to your application. Development Speed or Code Security. Manual Penetration Testing. Why Not Both? Code Coverage.

Open Source

Open Source Licensing Applications SDLC

Breaking Down the Product Benefits

ForAllSecure

JANUARY 21, 2021

Ownership over application test suites is a driving purchasing requirement for some organizations, especially for those who are maturing their application security processes. These test suites are not custom to your application. They automate testing to the same areas of code, centralizing defects throughout an application.

Open Source

Open Source Licensing Analysis Applications

Software is Infrastructure

ForAllSecure

OCTOBER 23, 2019

The problem is that the processes which we’ve developed to deal with the challenges of modern software development have in general not yet reached the level of maturity required for systems where life and death are at stake. The application of SA is further complicated by the ever increasing size of code bases.

Software

Software Software Analysis Programming

SOFTWARE IS INFRASTRUCTURE

ForAllSecure

OCTOBER 23, 2019

The problem is that the processes which we’ve developed to deal with the challenges of modern software development have in general not yet reached the level of maturity required for systems where life and death are at stake. The application of SA is further complicated by the ever increasing size of code bases.

Software

Software Software Analysis Programming

Good, Fast, Cheap: Can CIOs Have them All

Future of CIO

DECEMBER 20, 2012

Holiday season actually stimulates creativity, and spurs optimism; from one of IT performance debates: “good cheap, fast for enterprise application development, which two should CIO pick?”,--many commentators set positive tunes and think it possible to have them all. Hopefully, the "pick any two" approach is becoming obsolete.

SDLC

SDLC Agile Architecture Applications

No Scrum Master? No Problem - Social, Agile, and Transformation

Social, Agile and Transformation

NOVEMBER 3, 2009

I cover topics for Technologists from CIOs to Developers - agile development, agile portfolio management, leadership, business intelligence, big data, startups, social networking, SaaS, content management, media, enterprise 2.0 Will a team become more productive if there is a build engineer? Social, Agile, and Transformation.

SCRUM

SCRUM Agile Social Project Management

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

ForAllSecure

AUGUST 14, 2019

Colleges and universities are experiencing ERP issues and a minor wave of bogus student applications. The cloud may help development and application teams move fast, but for security teams already dealing with alert fatigue, tool sprawl and legacy workflows, cloud adoption means a lot more stress. Equifax receives its judgment.

Security

Security Applications Development Financial

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

SEPTEMBER 29, 2020

Find out how ForAllSecure delivers advanced fuzz testing into development pipelines. Fu: The reason why it's interesting as you typically have two different groups of engineers on either side of the interface. Engineers start to assume things about the other side. Bleeding-Edge Testing for Bleeding-Edge Technology.

Research

Research Engineering Examples System

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

ForAllSecure

AUGUST 14, 2019

Colleges and universities are experiencing ERP issues and a minor wave of bogus student applications. The cloud may help development and application teams move fast, but for security teams already dealing with alert fatigue, tool sprawl and legacy workflows, cloud adoption means a lot more stress. Equifax receives its judgment.

Security

Security Applications Development Financial

THE CYBERWIRE DAILY PODCAST EP. 389 WITH GUEST SPEAKER DAVID BRUMLEY

ForAllSecure

AUGUST 14, 2019

Colleges and universities are experiencing ERP issues and a minor wave of bogus student applications. The cloud may help development and application teams move fast, but for security teams already dealing with alert fatigue, tool sprawl and legacy workflows, cloud adoption means a lot more stress. Equifax receives its judgment.

Security

Security Applications Development Financial

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

SEPTEMBER 29, 2020

Fu: The reason why it's interesting as you typically have two different groups of engineers on either side of the interface. Engineers start to assume things about the other side. And so there's often an application of responsibility for certain things. The classic example would be the buffer overflow.

Research

Research Engineering Examples System

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

SEPTEMBER 28, 2020

Fu: The reason why it's interesting as you typically have two different groups of engineers on either side of the interface. Engineers start to assume things about the other side. And so there's often an application of responsibility for certain things. The classic example would be the buffer overflow.

Research

Research Engineering Examples System

Information Technology Zone

How to make your developer organization more efficient

Beyond DevSecOps: Why fintech companies need to consider DevSecRegOps

Webinars

Trending Sources

10 Stages of the software development lifecycle for startups

Webinars

Safeguarding Ethical Development in ChatGPT and Other LLMs

What Are Security Guardrails? Why Do They Matter to Your AppSec Program?

Need for Speed Drives Security-as-a-Service

Why Fuzz Testing Is Indispensable: Billy Rios

Your AST Guide for the Disenchanted: Part 5

Your AST Guide for the Disenchanted: Part 5

Your AST Guide for the Disenchanted: Part 5

Fuzzing with Biden's Executive Order 14028

What CEOs really need from today’s CIOs

Key Takeaways From ForAllSecure's, “Achieving Development Speed And Code Quality With Behavior Testing” Webinar

Key Takeaways From ForAllSecure's, “Achieving Development Speed And Code Quality With Behavior Testing” Webinar

KEY TAKEAWAYS FROM FORALLSECURE’S, “ACHIEVING DEVELOPMENT SPEED AND CODE QUALITY WITH NEXT-GENERATION FUZZING” WEBINAR

Software is Infrastructure

Meet The Team Behind Mayhem: Come See Us At These Upcoming April 2023 Events

Breaking Down the Product Benefits

Breaking Down the Product Benefits

Software is Infrastructure

SOFTWARE IS INFRASTRUCTURE

Good, Fast, Cheap: Can CIOs Have them All

No Scrum Master? No Problem - Social, Agile, and Transformation

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

The Hacker Mind Podcast: Hacking With Light And Sound

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

THE CYBERWIRE DAILY PODCAST EP. 389 WITH GUEST SPEAKER DAVID BRUMLEY

The Hacker Mind Podcast: Hacking With Light And Sound

The Hacker Mind Podcast: Hacking With Light And Sound

Stay Connected