Tag Archives: application security

Should DevOps Account for Continuous Trust of Production Applications?

January 9, 2014 By
Jessica Dodson

To find previous blogs in this DevOps series, read: Part 1 – Agile, Component Development & DevOps – A Natural Match Part 2 – DevOps Success is Contingent on Shifting Left  Part 3 – DevOps Requires an Optimized Application Development Tool Chain Part 4 – Component Capable Release Management is Key to DevOps Part 5 […]

Continue reading...

Who Really Wrote Healthcare.gov?

December 23, 2013 By
Wayne Jackson

Opening a Dialogue About Supply Chain Risk Management in a World Powered by Open Source Software. As Marc Andreessen famously observed, “software is eating the world”. The proliferation of software is, indeed, transformational – it is everywhere, in laptops, of course, but also in cars, planes, phones, pacemakers, insulin pumps, refrigerators, thermostats, you name it. […]

Continue reading...

Move Left and Be More Secure

September 16, 2013 By
Jessica Dodson

Author Attribution: This post was written by a guest blogger: Mark Miller, Founder and Curator of Trusted Software Alliance. In a “50-in-50” interview on the Trusted Software Alliance site, Gary McGraw talked about the concept of ‘moving left’, or ‘shifting left’ when it comes to application security in the software life cycle. Traditional development leaves […]

Continue reading...

Application security needs to be redefined to stay relevant

July 26, 2013 By
Derek Weeks

Ok, so maybe it’s not the definition that’s the problem. Maybe it’s the fact that most people think of DAST and SAST when it comes to application security.  And when most developers are faced with DAST and SAST, they run for cover. Or maybe it’s the fact that most security practices are primarily focused on […]

Continue reading...

Do you trust your software supplier? Questions to ask yourself – and them!

July 24, 2013 By
Jessica Dodson

Ever since I attended the recent Gartner Security & Risk Management Summit, I’ve found myself thinking a lot about if “you can trust your software supplier”. My colleague wrote about this a bit in a Gartner recap blog and our CEO co-presented on this topic with Curtis Yanko as part of a solution provider session. […]

Continue reading...

Good Hygiene Should be a Foundation of Application Security

June 19, 2013 By
Ryan Berg

Over the past week, there have been several articles, blog posts and security institutes about the latest release of the OWASP Top 10. Now is the right time to join the discussion. All this chatter doesn’t come as a surprise to me or others that have been long time participants in the application security space. […]

Continue reading...

Application Security, Not so Black & White

May 8, 2013 By
Ryan Berg

I’m glad to see that Simon Phipps, independent open source consultant and a director of the Open Source Initiative, promote the need to manage components effectively. In his recent InfoWorld article he notes: “Cyber security is on the national political agenda, but do we really understand what it takes to be secure? Now that enterprise […]

Continue reading...

New Webinar: Security at the Speed of Development with Wendy Nather, 451 Research

April 15, 2013 By
Emily Blades

Tuesday, April 30, 2013 – 11:00AM-11:45AM EDT (GMT-0400) We have a problem. Application development has become agile, component-based, and open-source-dependent. We’re delivering more software faster than ever before, but security approaches haven’t kept up. Every day we’re forced to make the dangerous choice between speed and security, putting Development and Security at odds. There has […]

Continue reading...

Android Malware Carries Windows Snooping App

February 4, 2013 By
The Vigilant Application Owner

The H – (International) Android malware carries Windows snooping app. Kaspersky has found malware being distributed through the Google Play store that loads malware onto PCs once an infected Android device is plugged in to a PC running Windows. Source: http://www.h-online.com/security/news/item/Android-malware-carries-Windows-snooping-app-1797241.html

Continue reading...