SECURITY INFLUENCERS BLOG

Security influencers provide real-world insight and “in-the-trenches” experiences on topics ranging from application security to DevOps and risk management

Thoughts on Modern Security Practices and Security Frameworks

How have modern assets like cloud instances, web-based applications, mobile devices, application containers, and others affected your security and risk management program?

It's way past time for organizations to realize how ridiculous it is to..

Newest Contrast Labs' Report: State of Application Security - Libraries & Software Composition Analysis

Contrast Security has introduced a new report series, “State of Application Security,” based on research efforts by Contrast Labs. The data for these studies was gathered directly and continuously from within running applications and APIs using..

The Case for Application Security Monitoring

Monitoring the Security of a Running Application has Been a Guessing Game

Until recently, we knew little to nothing about the security state inside a running application – unless developers built in custom logging. Without security visibility,..

Google Docs May Still be Vulnerable to Phishing Attacks

On Tuesday, users of Google Docs were targeted with an email phishing attack. The email content was a ruse to trick folks into granting access to their contact data. Google quickly put measures into place to stop the attack. Please visit this..

Portable Builds with Docker

At Contrast, we like to enable developers to solve their own problems without submitting tickets to the Operations team. We also like to define our infrastructure with code.

Why You Must Build Cybersecurity Into Your Applications

In a series of recent articles, Dan Woods from Forbes has been analyzing how companies can best allocate their security portfolio dollars. To understand the security products on the market that can help companies address these complicated issues,..

Two New Vulnerabilities added to the OWASP Top 10

The Open Web Application Security Project (OWASP) just released an update to the ten most critical web application security risks.

Back in 2002 I wrote the first OWASP Top 10 list and it was published in 2003. My idea was that application security..

7 Things to Ask Yourself About Software Security

Software affects virtually every aspect of an individual – finances, safety, government, communication, businesses, and even happiness. Vulnerable software applications are a leading cause of enterprise data breaches,[1] creating headaches for IT..

Crash Testing your Connected Stuff — Before you Get Hacked!

People have to pay to subscribe to Consumer Reports. But you may benefit from a new wave of security testing — for free. According to Archer News you may soon be able to tell if that "thing" you want to buy will keep you safe from hackers or..

It’s Still Flu Season: Get a Flu Shot! Masks Won’t Help — Same Goes for AppSec — Read a WAF Comparison

Come flu season, you have two options – cover your face with a mask and hope you don’t catch anything. Or, do the responsible thing: get a flu shot and protect your entire body and immune system from within. For your software applications, it’s..
