ForAllSecure

DECEMBER 20, 2022

Software application vulnerabilities fall into three different risk categories : Known Known : Known Knowns are identifiable risks that are known to lead to compromise. Unknown Unknowns present the greatest risk, because they enable adversaries to operate unnoticed for an extended period of time.

Applications 40

Applications SDLC Security Software 40

ForAllSecure

SEPTEMBER 15, 2021

Shoenfield -- Author, Passionate Security Architect, and Curious Questioner of Assumptions -- challenged whether application security can be fixed at FuzzCon 2021. Listed below are the top 3 takeaways from Shoenfield’s keynote presentation: Myth: SAST Is The Answer To Application Security.

Applications 52

Applications Security SDLC Analysis 52

SecureWorld News

JULY 7, 2020

Recently, Chef commissioned a survey of security professionals in order to provide greater insight into what security leaders are most concerned with and how collaboration with I&O (Infrastructure & Operations) is needed within enterprise-sized organizations. How important is DevSecOps in the SDLC?

SDLC 59

SDLC Survey Software Development Security 59

SecureWorld News

AUGUST 30, 2021

In the software development life cycle (SDLC), 85% of leaking secrets come from developers sharing information on public personal accounts. This goes to show just how important it is to have the proper training, procedures, and tools in place when it comes to combatting secret sprawl and leaks in your SDLC. Use short-lived credentials.

SDLC 67

SDLC Software Development Software Software 67

ForAllSecure

JANUARY 21, 2021

When defects are uncovered and fixed the same set of security testing must be performed, once again, to validate fixes -- also known as regression testing. Ownership over application test suites is a driving purchasing requirement for some organizations, especially for those who are maturing their application security processes.

Open Source 52

Open Source Licensing Applications Analysis 52

ForAllSecure

JANUARY 21, 2021

When defects are uncovered and fixed the same set of security testing must be performed, once again, to validate fixes -- also known as regression testing. Ownership over application test suites is a driving purchasing requirement for some organizations, especially for those who are maturing their application security processes.

Open Source 52

Open Source Licensing Analysis Applications 52

ForAllSecure

AUGUST 14, 2019

The CyberWire Daily podcast delivers the day's cyber security news into a concise format. Dave Bittner: [00:00:03] A contractor for Russia's FSB security agency was apparently breached. Dave Bittner: [00:00:03] A contractor for Russia's FSB security agency was apparently breached. It's time to build your security the same way.

Security 52

Security Applications Development Financial 52