Compliance as Code
4 minute read time
Compliance is a growing consideration for application security and must be managed.
Read More...
Money Doesn’t Buy Happiness, but Happy Developers Protect Money
4 minute read time
Developers in mature DevOps practices are 1.2x happier than their grumpy peers in the financial sector. This impacts software security, and your wallet.
Read More...
DevSecOps & Chaos Engineering: Knowing the Unknown
2 minute read time
Aaron Rinehart (@aaronrinehart) dives into chaos engineering: what it is, why you need it, and how you can implement it in your organization.
Read More...
Why Software Composition Analysis (SCA) Demands Precision
3 minute read time
Software Composition Analysis: Getting to the Signal Through the Noise, by 451 Research, demonstrates Sonatype's leadership in software composition analysis.
Read More...
In this episode of the OWASP 24/7 Podcast Series, I speak with the research team at Semmle on how they discovered the Pivotal Spring framework vulnerability.
Read More...
HackNYC 2018: Preview with Dr. Bill Curtis [Podcast]
1 minute read time
In May, at HackNYC 2018 in New York City, Dr. Bill Curtis' team of Tracie Gerardi and Lev Lesokhin will deliver a presentation on putting an end to "Technical Debt".
Read More...
Thoughts on Security in the Modern Software Supply Chain [Podcast Interview]
1 minute read time
A conversations about government vs public software security, the OWASP Top 10 and common security patterns in large scale projects.
Read More...