SECURITY INFLUENCERS BLOG

Security Influencers provides real-world insight and “in-the-trenches” experiences on topics ranging from software application security to DevOps and cloud security.

Google Docs May Still be Vulnerable to Phishing Attacks

On Tuesday, users of Google Docs were targeted with an email phishing attack. The email content was a ruse to trick folks into granting access to their contact data. Google quickly put measures into place to stop the attack. Please visit this..

The DevOps-Ready Security Program

By Mahesh Babu, May 4, 2017

6 Executive Tips to Bring Security into the DevOps Era

Extending DevOps to your software application security team shifts security from being a bottleneck to an enabler. According to McKinsey & Company, the benefits of being a DevOps-ready IT..

How AppSec Fits into the World of DevOps and Containers

By Kaushik Srinivas, May 2, 2017

Businesses undertaking digital transformation initiatives are turning to Agile development and DevOps workflows to execute their software projects. Agile lets software teams respond quickly to customer needs, and DevOps helps organizations deploy..

The Importance of Adding "A7: Insufficient Attack Protection" to the OWASP Top 10

We know there are some very strong feelings about both the recent Top Ten Release Candidate and my involvement in the project. Steve Ragan does a nice job summarizing the issue in CSO: "Contrast Security Responds to OWASP Top 10 Controversy."  While..

Portable Builds with Docker

At Contrast, we like to enable developers to solve their own problems without submitting tickets to the Operations team. We also like to define our infrastructure with code.

How to Improve AppSec in DevOps

DevOps seems to be on the mind of a lot of folks these days. Many articles have been written on how to strategically move groups to well-functioning and secure DevOps methodologies. Leading experts, who've been in the DevOps trenches, are now..

Why You Must Build Cybersecurity Into Your Applications

In a series of recent articles, Dan Woods from Forbes has been analyzing how companies can best allocate their security portfolio dollars. To understand the security products on the market that can help companies address these complicated issues,..

The New OWASP Top 10 for 2017 Reveals New Critical Weakness in Application Defenses

The OWASP Top 10 - 2017 reflects a move towards modern, high-speed software development that we’ve seen explode across the industry since the last version of the Top 10 in 2013. 

While many of the vulnerabilities remain the same, the addition of..

Rollback of FCC privacy requirements could have broad repercussions

Last week the United States Congress made the rather unsettling decision to roll back FCC privacy regulations that prohibited ISPs from selling customers' browser history and other personal information without their permission. This decision could..

Today, Apps Are Continuous -- Shouldn't Security Be Too?

We're beginning to see a growing number of articles appearing in the business press that address the challenges with securing software applications that are being built via an agile or DevOps methodology.  In the past, software would stick to..
