Thoughts on Security in the Modern Software Supply Chain [Podcast Interview]

By Mark Miller on January 15, 2018 OWASP

1 minute read time

A conversation about government vs public software security, the OWASP Top 10 and common security patterns in large-scale projects.

The OpenChain Project with Shane Coughlan [Podcast Interview]

By Mark Miller on January 12, 2018 OWASP

1 minute read time

In this broadcast, I speak with Shane Coughlan, project director, about the purpose of the OpenChain project and what his team hopes to accomplish in 2018.

Nexus Firewall: Quality at Velocity

By Mike Hansen on November 17, 2015 nexus pro

5 minute read time


DevOps Leadership Series: Security at Velocity [Video]

By Derek Weeks on May 12, 2015 Software Supply Chain

1 minute read time

If it does not fit, it does not get done. For many DevOps practices, application security falls into the “does not get done” bucket.

"Wait! Wait! Don't pwn me!" from Black Hat 2014

By Mark Miller on August 14, 2014 OWASP

1 minute read time

"Wait! Wait! Don't pwn me!" from Black Hat 2014

FinSvcs Working Group (FS-ISAC) Takes on Open Source Components

5 minute read time

Applications are becoming the primary security threat vector.

What's Happening in the Land of Open Source Components

By Derek Weeks on November 27, 2013 PCI

2 minute read time

We continue to see exponential growth in requests from the Central Repository.

Good Hygiene Should be a Foundation of Application Security

By Ryan Berg on June 19, 2013 OWASP

3 minute read time


How Will you Manage the New Addition of A9 to the OWASP Top 10 List?

2 minute read time
