SECURITY INFLUENCERS BLOG

Security Influencers provides real-world insight and “in-the-trenches” experiences on topics ranging from software application security to DevOps and cloud security.

START FREE TRIAL

Security Concerns Remain with Containers and Kubernetes Per New Report

When it comes to organizational growth and the fast pace of doing business, DevOps is a key enabler in the transformation of a company. Containers play a significant role in this evolution, helping organizations to modernize faster by making it..

Continue Reading >>

Contrast Labs: Jenkins Maven HPI Plugin Exposes Developer Laptops

If you are like the development team at Contrast Security and build Jenkins plugins, then you probably find value in the maven-hpi-plugin. The Jenkins Maven HPI Plugin hpi:run target initializes a local Jetty HTTP server with the current plugin..

Continue Reading >>

AppSec Instrumentation Addresses AppSec Skills Shortage

According to ISACA’s State of Cybersecurity 2020 Report, which is based on data gathered from more than 2,000 respondents in more than 100 countries, cybersecurity threats continue unabated while a cybersecurity skills gap is presenting serious..

Continue Reading >>

Security Priorities & Automation Ascend to Business Relevancy per New KPMG Cybersecurity Report

As enterprises increasingly embrace cloud innovation, there is the inevitable move of more and more sensitive applications and workloads to the cloud. DevOps is at the center of this migration, facilitating business scalability and innovation that’s..

Continue Reading >>

Misconfigurations and Alert Fatigue Require a Modern AppSec Approach

Businesses are adopting development and operations (DevOps) to tap into new business opportunities. These DevOps initiatives are the engine driving digital transformation. But as DevOps takes hold and organizations focus more and more of their time..

Continue Reading >>

AppSec-related Must-do Activities and Sessions at RSA 2020

This year’s theme at RSA Conference 2020 is the Human Element. Fundamentally, what those of us do in the realm of cybersecurity goes beyond protecting our networks, applications, and systems; it’s about people protecting people.

Continue Reading >>

4 Reasons to Automate Security Testing with AppSec Instrumentation

While the idea of “automation” may seem like a modern concept, it dates back to around 762 B.C. when the concept was first introduced in Homer’s epic battle poem The Iliad.

Continue Reading >>

How I Made $600 in Bug Bounty in 15 Minutes with Contrast CE – CVE- 2019-8442

We live in a dynamic economy that is constantly developing new ways to generate revenue. An area that fascinates me are the bug bounty programs such as Atlassian on BugCrowd. Generating tangible rewards from these programs is not an easy..

Continue Reading >>

Public WiFi is actually still pretty dangerous

I wanted to write a short response to an article EFF posted, Why Public Wi-Fi is a Lot Safer Than You Think. It's no secret transport layer security has vastly improved over the years -- so I generally agree with a lot of the points made here. For..

Continue Reading >>

DECEMBER 2019 AppSec Intelligence Report

This report summarizes Contrast Labs' analysis of real world application attack and vulnerability data from December 2019. By providing continuous insight and detection from inside applications, Contrast can identify and trend the way that..

Continue Reading >>

SUBSCRIBE TO THE BLOG