<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=113894&amp;fmt=gif">

SECURITY INFLUENCERS BLOG

Security influencers provide real-world insight and “in-the-trenches” experiences on topics ranging from application security to DevOps and risk management

Rollback of FCC privacy requirements could have broad repercussions

Last week the United States Congress made the rather unsettling decision to roll-back FCC privacy regulations that prohibited ISPs from selling customers' browser history and other personal information without their permission.  This decision could..

Continue Reading >>

Today, Apps Are Continuous -- Shouldn't Security Be Too?

We're beginning to see a growing number of articles appearing in the business press that address the challenges with securing software applications that are being built via an agile or DevOps methodology.  In the past, software would stick to..

Continue Reading >>

We are Seeing Ongoing Struts 2 Attacks

If you’re running web applications on the Internet, then you’re almost certainly seeing probes for the Struts 2 vulnerability (CVE-2017-5638). These attacks started within hours of the vulnerability being released, and we continue to see..

Continue Reading >>

Two New Vulnerabilities added to the OWASP Top 10

The Open Web Application Security Project (OWASP) just released an update to the ten most critical web application security risks.

Back in 2002 I wrote the first OWASP Top 10 list and it was published in 2003. My idea was that application security..

Continue Reading >>

Cloud Developers Can Now Get Cloud Foundry Certified!

Cloud developers can now become certified as Cloud Foundary experts, thanks to the folks at Cloud Foundry Foundation, who announced last week the launch of a cloud based developer certification initiative. The genesis behind this initiative will..

Continue Reading >>

How To Select The Right Products For Your Cybersecurity Portfolio

So far in his cybersecurity series, Dan Woods' Forbes articles have focused on how to build the right cybersecurity portfolio for your business. He has outlined three key steps companies should take, and advocated that companies not overspend on..

Continue Reading >>

How Can CISOs Create A Balanced Portfolio Of Cybersecurity Products?

We’re entering a world of deepening complexity when it comes to security for the modern enterprise. With companies integrating legacy data centers, manufacturing facilities, and networks with the cloud and the Internet of Things (IoT), all..

Continue Reading >>

US Needs a Federal CISO — A Response to the Appointment of a US Cybersecurity Coordinator

In response to the Trump administration announcement of the appointment of a White House cybersecurity coordinator. Contrast Security Co-founder and CTO, Jeff Williams, was ask to provide his thoughts in a recently published CSO article, "US Needs a..

Continue Reading >>

7 Things to Ask Yourself About Software Security

Software affects virtually every aspect of an individual – finances, safety, government, communication, businesses, and even happiness. Vulnerable software applications are a leading cause of enterprise data breaches,[1] creating headaches for IT..

Continue Reading >>

The WikiLeaks CIA Dump Dominates AppSec News Coverage

WikiLeaks has been dominating recent news when it released "Vault 7", a new series of leaks it claims came from the United States Central Intelligence Agency (CIA). WikiLeaks delared that Vault 7  "is the largest ever publication of confidential..

Continue Reading >>

SUBSCRIBE TO THE BLOG

Learn how to unify security strategy across & development operations. See how to set up a CAS program with only eight activities!

Download the Handbook