Getting Started with Sonatype Vulnerability Analysis
7 minute read time
Sonatype Vulnerability Scanner is a free tool that scans your application for vulnerabilities and reports on its analysis.
Read More...
OWASP Security Knowledge Framework
4 minute read time
OWASP's security knowledge framework (SKF) is a method to help web and app developers establish best practices at each stage of product development.
Read More...
Four Common Security Acronyms Explained
4 minute read time
SAST, DAST, CSA, OSSM, SCA? What do these acronyms mean, what exactly do they do, and why does it matter?
Read More...
What Does the New CVSS 3.1 Scoring Model Mean for Enterprise Security?
3 minute read time
Learn how CVSS 3.1 is different from earlier versions and why changes to this security rating matters.
Read More...
Are You a Fool With a Tool?
3 minute read time
Buckminster Fuller cautioned against prioritizing tools. DevOps should always include discussions of culture, strategy, and process for the best outcomes.
Read More...
Why Does Security Matter For DevOps?
4 minute read time
Caroline Wong (@CarolineWMWong) explains why organizations that use DevOps are 2X more likely to succeed than peers.
Read More...
A More Secure Web Needs Developers, Defenders, Advocates, and OSS
2 minute read time
The largest gathering of Infosec professionals met in Washington, D.C. to discuss the future of web security. Open source software is at the core of it.
Read More...
Security Organizations Need to Start Thinking Like Developers
2 minute read time
Developers must think more securely, and security teams need to learn more development skills. Cross-discipline awareness strengthens software development.
Read More...
Blue by Default
3 minute read time
Aubrey Stearn (@auberryberry) explains DevOps security approach Blue by Default. Security practices move prior to testing and delivery to ensure focus.
Read More...