Development, SDLC, Software Development and System

Is it worth measuring software developer productivity? CIOs weigh in

CIO Business Intelligence

DECEMBER 20, 2023

At the same time, developers are scarce, and the demand for new software is high. This has spurred interest around understanding and measuring developer productivity, says Keith Mann, senior director, analyst, at Gartner. Organizations need to get the most out of the limited number of developers they’ve got,” he says.

Software Development

Software Development Software Software Development

What Are Security Guardrails? Why Do They Matter to Your AppSec Program?

SecureWorld News

MAY 19, 2022

The wide adoption of cloud-native applications and infrastructure has propelled DevOps and a self-service culture enabling developers to go from code to cloud in hours. Security teams are entirely unprepared to govern and secure the modern SDLC in this agile world. Why security guardrails are essential for secure development.

SDLC

SDLC Security Programming Devops

5 Ways to Prevent Secret Sprawl

SecureWorld News

AUGUST 30, 2021

In the software development life cycle (SDLC), 85% of leaking secrets come from developers sharing information on public personal accounts. This goes to show just how important it is to have the proper training, procedures, and tools in place when it comes to combatting secret sprawl and leaks in your SDLC.

SDLC

SDLC Software Development Software Software

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Need for Speed Drives Security-as-a-Service

CIO Business Intelligence

JULY 6, 2023

In addition, pushing out the right policies to the right systems and services can take time. The “trust nothing, verify everything” approach can be applied throughout the software development lifecycle and extended to areas like IT/OT convergence.

Security

Security SDLC Survey Software Development

What Executives Should Know About Shift-Left Security

CIO Business Intelligence

FEBRUARY 24, 2023

By Zachary Malone, SE Academy Manager at Palo Alto Networks The term “shift left” is a reference to the Software Development Lifecycle (SDLC) that describes the phases of the process developers follow to create an application. Why is shift-left security important in cybersecurity?

Security

Security SDLC Applications Development

Creep

A CIO's Voice

OCTOBER 27, 2010

This is often the case with application development. As the project moves through the software development life cycle (SDLC), requirement changes become increasingly more expensive and deliverable times become more protracted. Users make significant changes to the system after the requirements have been established.

SDLC

SDLC Project Management Applications Software Development

A Guide To Automated Continuous Security Testing

ForAllSecure

JULY 13, 2021

The acceleration of application development has shown no sign of stopping. As a result, we’re seeing increasingly complex, interconnected software. Continuous testing enables security teams to keep pace with development and operations teams in modern development, and to deliver deep integration and automation of security tooling.

Security

Security SDLC Software Software

Software is Infrastructure

ForAllSecure

OCTOBER 23, 2019

This is particularly true in safety criticality systems. All would not have been possible without the introduction of software as part of the innovation. Resilience is an essential requirement for safety-critical cyber-physical systems specially when theses systems are expected to function for decades, not merely years.

Software

Software Software Analysis Programming

Securing Your APIs

ForAllSecure

OCTOBER 27, 2021

Since Mayhem for API is run locally, testing can scale out locally and can be used in internal development environments where access to the internet is not a viable option. Mayhem for API's easy to install and easy to use implementation is geared towards scalability and automation throughout the software development lifecycle.

Security

Security Applications Authentication SDLC

Leveraging Fuzz Testing to Achieve ED-203A / DO-356A

ForAllSecure

JUNE 7, 2021

Aerospace has become a software industry. Software drives every area of flight, including flight control, ground-based systems, communication, weather, maintenance systems, infotainment and more. Verification activities typically show that a system meets a functional requirement or specification.

Analysis

Analysis Security Software Software

Leveraging Fuzz Testing to Achieve ED-203A / DO-356A

ForAllSecure

JUNE 7, 2021

Aerospace has become a software industry. Software drives every area of flight, including flight control, ground-based systems, communication, weather, maintenance systems, infotainment and more. Verification activities typically show that a system meets a functional requirement or specification.

Analysis

Analysis Security Software Software

Software is Infrastructure

ForAllSecure

OCTOBER 23, 2019

This is particularly true in safety criticality systems. All would not have been possible without the introduction of software as part of the innovation. Resilience is an essential requirement for safety-critical cyber-physical systems specially when theses systems are expected to function for decades, not merely years.

Software

Software Software Analysis Programming

SOFTWARE IS INFRASTRUCTURE

ForAllSecure

OCTOBER 23, 2019

This is particularly true in safety criticality systems. All would not have been possible without the introduction of software as part of the innovation. Resilience is an essential requirement for safety-critical cyber-physical systems specially when theses systems are expected to function for decades, not merely years.

Software

Software Software Analysis Programming

Scaling security: How to build security into the entire development pipeline

CIO Business Intelligence

OCTOBER 31, 2023

When an application is finally ready for deployment, the last thing the development team wants to hear is: “Stop! If you want to make a change, make it in the early stages of the software development lifecycle,” said Pratiksha Panesar, director of cybersecurity at Discover Financial Services. There’s a security issue.”

Security

Security Development How To Applications

Challenging ROI Myths Of Static Application Security Testing (SAST)

ForAllSecure

JUNE 23, 2020

While there have been a lot of successes (such as adoption in the OSS community through Coverity SCAN), I’ve also seen challenges with organizations attempting to adopt SAST as part of their development process. And it will find defects in paths that the program would never actually implement in a live system.

Applications

Applications Security Analysis Software

Challenging ROI Myths Of Static Application Security Testing (SAST)

ForAllSecure

JUNE 23, 2020

While there have been a lot of successes (such as adoption in the OSS community through Coverity SCAN), I’ve also seen challenges with organizations attempting to adopt SAST as part of their development process. And it will find defects in paths that the program would never actually implement in a live system.

Applications

Applications Security Analysis Software

Challenging ROI Myths Of Static Application Security Testing (SAST)

ForAllSecure

JUNE 23, 2020

While there have been a lot of successes (such as adoption in the OSS community through Coverity SCAN), I’ve also seen challenges with organizations attempting to adopt SAST as part of their development process. And it will find defects in paths that the program would never actually implement in a live system.

Applications

Applications Security Analysis Software

Getting ahead of cyberattacks with a DevSecOps approach to web application security

CIO Business Intelligence

JUNE 20, 2023

According to GitLab’s 2023 Global DevSecOps Report , 56% of organizations report using DevOps or DevSecOps methodologies, growing roughly 10% from 2022, for improved security, higher developer velocity, cost and time savings, and better collaboration. What is DevSecOps?

Applications

Applications Security SDLC Devops

When least privilege is the most important thing

CIO Business Intelligence

NOVEMBER 2, 2023

So, in a nutshell, least privilege says that every object in a system – whether a user, a process, or an application – must be able to access only the information and resources that it needs, and no more. The result was that it was straightforward, at times elementary, for malicious software to own the entire system.

Backup

Backup Information Security Security Operating Systems

The Evolution of Security Testing

ForAllSecure

JULY 27, 2021

A benchmarking study by the NSA Center for Assured Software found that the average SAST tool covers only 8 out of 13 weakness classes and finds only 22 percent of flaws in each weakness class. Security needs to be part of the development experience. security testing understands the developer and attacker mindsets by identifying coding.

Security

Security Applications Development SDLC

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

SEPTEMBER 29, 2020

Find out how ForAllSecure delivers advanced fuzz testing into development pipelines. The transition from one system to another has always been one of the weakest links in the security chain. Vamosi: Boundaries are the classic Go To minefield for discovering new software vulnerabilities. Learn More Request Demo. Vamosi: Okay.

Research

Research Engineering Examples System

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

SEPTEMBER 29, 2020

The transition from one system to another has always been one of the weakest links in the security chain. Vamosi: Boundaries are the classic Go To minefield for discovering new software vulnerabilities. Turns out it’s the same here with micro-electromechanical system sensors. Vamosi: Okay. Fu: That's right.

Research

Research Engineering Examples System

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

SEPTEMBER 28, 2020

The transition from one system to another has always been one of the weakest links in the security chain. Vamosi: Boundaries are the classic Go To minefield for discovering new software vulnerabilities. Turns out it’s the same here with micro-electromechanical system sensors. Vamosi: Okay. Fu: That's right.

Research

Research Engineering Examples System

Information Technology Zone

Is it worth measuring software developer productivity? CIOs weigh in

What Are Security Guardrails? Why Do They Matter to Your AppSec Program?

Webinars

Trending Sources

5 Ways to Prevent Secret Sprawl

Webinars

Need for Speed Drives Security-as-a-Service

What Executives Should Know About Shift-Left Security

Creep

A Guide To Automated Continuous Security Testing

Software is Infrastructure

Securing Your APIs

Leveraging Fuzz Testing to Achieve ED-203A / DO-356A

Leveraging Fuzz Testing to Achieve ED-203A / DO-356A

Software is Infrastructure

SOFTWARE IS INFRASTRUCTURE

Scaling security: How to build security into the entire development pipeline

Challenging ROI Myths Of Static Application Security Testing (SAST)

Challenging ROI Myths Of Static Application Security Testing (SAST)

Challenging ROI Myths Of Static Application Security Testing (SAST)

Getting ahead of cyberattacks with a DevSecOps approach to web application security

When least privilege is the most important thing

The Evolution of Security Testing

The Hacker Mind Podcast: Hacking With Light And Sound

The Hacker Mind Podcast: Hacking With Light And Sound

The Hacker Mind Podcast: Hacking With Light And Sound

Stay Connected