<iframe src="//www.googletagmanager.com/ns.html?id=GTM-WQV6DT" height="0" width="0" style="display:none;visibility:hidden">

SECURITY INFLUENCERS BLOG

Security influencers provide real-world insight and “in-the-trenches” experiences on topics ranging from application security to DevOps and risk management

How to Improve AppSec in DevOps

DevOps seems to be on the mind of a lot of folks these days. Many articles have been written on how to strategically move groups to well-functioning and secure DevOp methodologies. Leading experts, who've been in the DevOps trenches, are now..

Continue Reading >>

Why You Must Build Cybersecurity Into Your Applications

In a series of recent articles, Dan Woods from Forbes, has been analyzing how companies can best allocate their security portfolio dollars. To understand the security products on the market that can help companies address these complicated issues,..

Continue Reading >>

The New OWASP Top 10 for 2017 Reveals New Critical Weakness in Application Defenses

The OWASP Top 10 - 2017 reflects a move towards modern, high-speed software development that we’ve seen explode across the industry since the last version of the Top 10 in 2013. 

While many of the vulnerabilities remain the same, the addition of..

Continue Reading >>

Rollback of FCC privacy requirements could have broad repercussions

Last week the United States Congress made the rather unsettling decision to roll-back FCC privacy regulations that prohibited ISPs from selling customers' browser history and other personal information without their permission.  This decision could..

Continue Reading >>

Today, Apps Are Continuous -- Shouldn't Security Be Too?

We're beginning to see a growing number of articles appearing in the business press that address the challenges with securing software applications that are being built via an agile or DevOps methodology.  In the past, software would stick to..

Continue Reading >>

We are Seeing Ongoing Struts 2 Attacks

If you’re running web applications on the Internet, then you’re almost certainly seeing probes for the Struts 2 vulnerability (CVE-2017-5638). These attacks started within hours of the vulnerability being released, and we continue to see..

Continue Reading >>

Two New Vulnerabilities added to the OWASP Top 10

The Open Web Application Security Project (OWASP) just released an update to the ten most critical web application security risks.

Back in 2002 I wrote the first OWASP Top 10 list and it was published in 2003. My idea was that application security..

Continue Reading >>

Cloud Developers Can Now Get Cloud Foundry Certified!

Cloud developers can now become certified as Cloud Foundary experts, thanks to the folks at Cloud Foundry Foundation, who announced last week the launch of a cloud based developer certification initiative. The genesis behind this initiative will..

Continue Reading >>

How To Select The Right Products For Your Cybersecurity Portfolio

So far in his cybersecurity series, Dan Woods' Forbes articles have focused on how to build the right cybersecurity portfolio for your business. He has outlined three key steps companies should take, and advocated that companies not overspend on..

Continue Reading >>

How Can CISOs Create A Balanced Portfolio Of Cybersecurity Products?

We’re entering a world of deepening complexity when it comes to security for the modern enterprise. With companies integrating legacy data centers, manufacturing facilities, and networks with the cloud and the Internet of Things (IoT), all..

Continue Reading >>

SUBSCRIBE TO THE BLOG

Learn how to unify security strategy across & development operations. See how to set up a CAS program with only eight activities!

Download the Handbook