Skip to content

AppSec Observer

The latest trends and tips in DevSecOps through instrumentation and security observability. Learn about real-world insight and “in-the-trenches” experiences on topics ranging from application and information security to DevOps and risk management.

Subscribe to Blog
New Spring4Shell Zero-Day Vulnerability Confirmed: What it is and how to be prepared

New Spring4Shell Zero-Day Vulnerability Confirmed: What it is and how to be prepared

On March 29, 2022, a Chinese cybersecurity research firm leaked an attack that could impact most enterprise Java..

ESG analyst discusses how to ship secure, tested code and rapidly remediate issues without headaches

ESG analyst discusses how to ship secure, tested code and rapidly remediate issues without headaches

Securing the DevOps pipeline can be a challenge, even for companies that have security in their DNA. And you're not..

CISO Thoughts with David Lindner - March 25

CISO Thoughts with David Lindner - March 25

Insight #1 When communicating to your stakeholders and the public about an incident, it’s extremely important to be..

Cyber Incident Reporting For Critical Infrastructure Act of 2022

Cyber Incident Reporting For Critical Infrastructure Act of 2022

On March 15, 2022, United States President Joe Biden signed the Cyber Incident Reporting For Critical Infrastructure..

CISO Thoughts with David Lindner - March 18th

CISO Thoughts with David Lindner - March 18th

Insight #1 If you can accomplish one thing in your AppSec program this year, it should be keeping secrets out of your..

New Gartner® Report Details How Businesses Should Incorporate SBOMS Into The SDLC

New Gartner® Report Details How Businesses Should Incorporate SBOMS Into The SDLC

The proliferation of third-party software, especially open-source software (OSS), is a mainstay in modern development...

CISO Thoughts with David Lindner

CISO Thoughts with David Lindner

Insight #1 The number one thing an organization can do today to help prevent the next major breach is to implement..

Celebrating International Women's Day

Celebrating International Women's Day

As part of Women’s History Month, we’re celebrating International Women’s Day by paying tribute to women in tech.

GitHub Actions Blog Series, Part 3: Deploying with Microsoft AKS

GitHub Actions Blog Series, Part 3: Deploying with Microsoft AKS

In my last blog post, we discussed the need for businesses to adopt distributed development and delivery models in..