Integrating open source security tools into your SDLC Change always has costs connected to it. Change needed when moving security “left” in your software development lifecycle is no exception. One
New PCI DSS Security Standards Boosts DevSecOps Earlier this year, the PCI Security Standards Council released the first major revamp of its software standards in over a decade. The new
Hidden Costs of Security Tools for Developers As security “shifts left” in the application development lifecycle, developers will be called on to work with tools to reduce flaws in their
Security should not be an afterthought to DevOps DevOps has revolutionized how new applications are brought online, but it is also challenging how security teams do their jobs. In theory,
Vulnerability scanning aims to reveal security weaknesses in an application by using automated tools to assess its code, design, and functionality. Design flaws which lead to vulnerabilities like Cross Site
While there are reasons for changing your security pentest vendor, there are a few things that should be kept in mind….
Secure code review is vital in reporting security findings, we can understand the inner workings of applications and free it of any bugs.
SAST, DAST, IAST, and RASP It’s estimated that 90 percent of security incidents result from attackers exploiting known software bugs. Needless to say, squashing those bugs in the development phase
For an updated version of this article please click here. What is Federated Identity? Federated identity means linking and using the electronic identities a user has across several identity management
A Little Backstory Your company secrets are safe, right?  Well, you can’t assume just because you enforce company wide 2-factor authentication on Github that you aren’t vulnerable. A while back
