Skip to content

AppSec Observer

The latest trends and tips in DevSecOps through instrumentation and security observability. Learn about real-world insight and “in-the-trenches” experiences on topics ranging from application and information security to DevOps and risk management.

Subscribe Now
Learn about the hidden dangers of traditional AppSec tools and why Runtime Security is replacing them: podcast writeup

Learn about the hidden dangers of traditional AppSec tools and why Runtime Security is replacing them: podcast writeup

Are traditional AppSec tools keeping up with advances in software? That was the question The Application Security..

Your WAF doesn't have your back

Your WAF doesn't have your back

Why WAFs leave you adrift in the treacherous waters of cybersecurity In the ever-shifting currents of the cybersecurity..

Cybersecurity Insights with Contrast CISO David Lindner | 9/22

Cybersecurity Insights with Contrast CISO David Lindner | 9/22

Insight #1 There will always be a balance in the psychological acceptability of any security controls put on users...

Contrast Security serves up vulnerability data integrated into AWS Security Hub

Contrast Security serves up vulnerability data integrated into AWS Security Hub

In the world of incident response, you need the right information, at the right time, and you need it where you want to..

Cybersecurity Insights with Contrast CISO David Lindner | 9/15

Cybersecurity Insights with Contrast CISO David Lindner | 9/15

Insight #1 Software Bills of Materials (SBOMs) are nothing more than a data point for determining risk. They shouldn’t..

Why we shouldn't treat the CVSS base score as gospel

Why we shouldn't treat the CVSS base score as gospel

On Sept. 6, Cisco issued an urgent fix for an authentication bypass flaw affecting the single sign-on (SSO)..

Cybersecurity Insights with Contrast CISO David Lindner | 9/8

Cybersecurity Insights with Contrast CISO David Lindner | 9/8

Insight #1 Prompt injection is becoming a serious concern for those using current AI technologies. When using AI, make..

Trust ‘zero trust’ for Application Security

Trust ‘zero trust’ for Application Security

The perimeter cybersecurity model is like the defensive walls that surround ancient cities. For thousands of years,..

3 reasons why upskilling the nation’s cybersec savvy won’t solve the skills gap

3 reasons why upskilling the nation’s cybersec savvy won’t solve the skills gap

The White House recently announced its new National Cyber Workforce and Education Strategy & Implementation (NCWES): a..