SDLC, Software, Software Development and System

Is it worth measuring software developer productivity? CIOs weigh in

CIO Business Intelligence

DECEMBER 20, 2023

At the same time, developers are scarce, and the demand for new software is high. This has spurred interest around understanding and measuring developer productivity, says Keith Mann, senior director, analyst, at Gartner. Organizations need to get the most out of the limited number of developers they’ve got,” he says.

Software Development

Software Development Software Software Development

What Are Security Guardrails? Why Do They Matter to Your AppSec Program?

SecureWorld News

MAY 19, 2022

The wide adoption of cloud-native applications and infrastructure has propelled DevOps and a self-service culture enabling developers to go from code to cloud in hours. Security teams are entirely unprepared to govern and secure the modern SDLC in this agile world. Why security guardrails are essential for secure development.

SDLC

SDLC Security Programming Devops

5 Ways to Prevent Secret Sprawl

SecureWorld News

AUGUST 30, 2021

In the software development life cycle (SDLC), 85% of leaking secrets come from developers sharing information on public personal accounts. This goes to show just how important it is to have the proper training, procedures, and tools in place when it comes to combatting secret sprawl and leaks in your SDLC.

SDLC

SDLC Software Development Software Software

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Need for Speed Drives Security-as-a-Service

CIO Business Intelligence

JULY 6, 2023

In addition, pushing out the right policies to the right systems and services can take time. The “trust nothing, verify everything” approach can be applied throughout the software development lifecycle and extended to areas like IT/OT convergence.

Security

Security SDLC Survey Software Development

Software is Infrastructure

ForAllSecure

OCTOBER 23, 2019

The realization that software is becoming an essential component of our everyday lives was reflected yet again in this year’s Black Hat. Even more solutions are being touted to deal with the ever-growing exposure of software to malicious threats. Software is infrastructure. What is required is a change of perspective.

Software

Software Software Analysis Programming

Software is Infrastructure

ForAllSecure

OCTOBER 23, 2019

The realization that software is becoming an essential component of our everyday lives was reflected yet again in this year’s Black Hat. Even more solutions are being touted to deal with the ever-growing exposure of software to malicious threats. Software is infrastructure. What is required is a change of perspective.

Software

Software Software Analysis Programming

SOFTWARE IS INFRASTRUCTURE

ForAllSecure

OCTOBER 23, 2019

The realization that software is becoming an essential component of our everyday lives was reflected yet again in this year’s Black Hat. Even more solutions are being touted to deal with the ever-growing exposure of software to malicious threats. Software is infrastructure. What is required is a change of perspective.

Software

Software Software Analysis Programming

What Executives Should Know About Shift-Left Security

CIO Business Intelligence

FEBRUARY 24, 2023

By Zachary Malone, SE Academy Manager at Palo Alto Networks The term “shift left” is a reference to the Software Development Lifecycle (SDLC) that describes the phases of the process developers follow to create an application. What executives should consider when adopting shift-left security?

Security

Security SDLC Applications Development

Creep

A CIO's Voice

OCTOBER 27, 2010

As the project moves through the software development life cycle (SDLC), requirement changes become increasingly more expensive and deliverable times become more protracted. Users make significant changes to the system after the requirements have been established. This leads to project failure or cost/schedule overruns.

SDLC

SDLC Project Management Applications Software Development

A Guide To Automated Continuous Security Testing

ForAllSecure

JULY 13, 2021

The acceleration of application development has shown no sign of stopping. As a result, we’re seeing increasingly complex, interconnected software. Evolution of Development. Software is an important part of any business—whether to offer a service, an operation, or customer engagement. Google Chrome has 6.7

Security

Security SDLC Software Software

Leveraging Fuzz Testing to Achieve ED-203A / DO-356A

ForAllSecure

JUNE 7, 2021

Aerospace has become a software industry. Software drives every area of flight, including flight control, ground-based systems, communication, weather, maintenance systems, infotainment and more. Software can both meet requirements and still not be secure. How are refutation testing and fuzz testing related?

Analysis

Analysis Security Software Software

Leveraging Fuzz Testing to Achieve ED-203A / DO-356A

ForAllSecure

JUNE 7, 2021

Aerospace has become a software industry. Software drives every area of flight, including flight control, ground-based systems, communication, weather, maintenance systems, infotainment and more. Software can both meet requirements and still not be secure. How are refutation testing and fuzz testing related?

Analysis

Analysis Security Software Software

Challenging ROI Myths Of Static Application Security Testing (SAST)

ForAllSecure

JUNE 23, 2020

There are several benefits for using Static Analysis Security Testing (SAST) for your software security. While there have been a lot of successes (such as adoption in the OSS community through Coverity SCAN), I’ve also seen challenges with organizations attempting to adopt SAST as part of their development process.

Applications

Applications Security Analysis Software

Securing Your APIs

ForAllSecure

OCTOBER 27, 2021

Since Mayhem for API is run locally, testing can scale out locally and can be used in internal development environments where access to the internet is not a viable option. Mayhem for API's easy to install and easy to use implementation is geared towards scalability and automation throughout the software development lifecycle.

Security

Security Applications Authentication SDLC

Challenging ROI Myths Of Static Application Security Testing (SAST)

ForAllSecure

JUNE 23, 2020

There are several benefits for using Static Analysis Security Testing (SAST) for your software security. While there have been a lot of successes (such as adoption in the OSS community through Coverity SCAN), I’ve also seen challenges with organizations attempting to adopt SAST as part of their development process. Enter Fuzzing.

Applications

Applications Security Analysis Software

Challenging ROI Myths Of Static Application Security Testing (SAST)

ForAllSecure

JUNE 23, 2020

There are several benefits for using Static Analysis Security Testing (SAST) for your software security. While there have been a lot of successes (such as adoption in the OSS community through Coverity SCAN), I’ve also seen challenges with organizations attempting to adopt SAST as part of their development process. Enter Fuzzing.

Applications

Applications Security Analysis Software

Getting ahead of cyberattacks with a DevSecOps approach to web application security

CIO Business Intelligence

JUNE 20, 2023

DevSecOps seeks to build security into applications, not just build security around an application.DevOps is a methodology that focuses on the collaboration between development and operations teams to create, test, and deploy software quickly and efficiently.

Applications

Applications Security SDLC Devops

When least privilege is the most important thing

CIO Business Intelligence

NOVEMBER 2, 2023

So, in a nutshell, least privilege says that every object in a system – whether a user, a process, or an application – must be able to access only the information and resources that it needs, and no more. The result was that it was straightforward, at times elementary, for malicious software to own the entire system.

Backup

Backup Information Security Security Operating Systems

Scaling security: How to build security into the entire development pipeline

CIO Business Intelligence

OCTOBER 31, 2023

That’s why Discover® Financial Service’s product security and application development teams worked together to shift security left by integrating security by design and conducting early security testing often to identify vulnerabilities prior to hitting deployment. “If

Security

Security Development How To Applications

The Evolution of Security Testing

ForAllSecure

JULY 27, 2021

A benchmarking study by the NSA Center for Assured Software found that the average SAST tool covers only 8 out of 13 weakness classes and finds only 22 percent of flaws in each weakness class. Security needs to be part of the development experience. In other words, if a system connected to your app acts up, can the app still function?

Security

Security Applications Development SDLC

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

SEPTEMBER 29, 2020

The transition from one system to another has always been one of the weakest links in the security chain. Vamosi: Boundaries are the classic Go To minefield for discovering new software vulnerabilities. Turns out it’s the same here with micro-electromechanical system sensors. Vamosi: Okay. Fu: That's right.

Research

Research Engineering Examples System

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

SEPTEMBER 29, 2020

The transition from one system to another has always been one of the weakest links in the security chain. Vamosi: Boundaries are the classic Go To minefield for discovering new software vulnerabilities. Turns out it’s the same here with micro-electromechanical system sensors. Vamosi: Okay. Fu: That's right.

Research

Research Engineering Examples System

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

SEPTEMBER 28, 2020

The transition from one system to another has always been one of the weakest links in the security chain. Vamosi: Boundaries are the classic Go To minefield for discovering new software vulnerabilities. Turns out it’s the same here with micro-electromechanical system sensors. Vamosi: Okay. Fu: That's right.

Research

Research Engineering Examples System

Information Technology Zone

Is it worth measuring software developer productivity? CIOs weigh in

What Are Security Guardrails? Why Do They Matter to Your AppSec Program?

Webinars

Trending Sources

5 Ways to Prevent Secret Sprawl

Webinars

Need for Speed Drives Security-as-a-Service

Software is Infrastructure

Software is Infrastructure

SOFTWARE IS INFRASTRUCTURE

What Executives Should Know About Shift-Left Security

Creep

A Guide To Automated Continuous Security Testing

Leveraging Fuzz Testing to Achieve ED-203A / DO-356A

Leveraging Fuzz Testing to Achieve ED-203A / DO-356A

Challenging ROI Myths Of Static Application Security Testing (SAST)

Securing Your APIs

Challenging ROI Myths Of Static Application Security Testing (SAST)

Challenging ROI Myths Of Static Application Security Testing (SAST)

Getting ahead of cyberattacks with a DevSecOps approach to web application security

When least privilege is the most important thing

Scaling security: How to build security into the entire development pipeline

The Evolution of Security Testing

The Hacker Mind Podcast: Hacking With Light And Sound

The Hacker Mind Podcast: Hacking With Light And Sound

The Hacker Mind Podcast: Hacking With Light And Sound

Stay Connected