<iframe src="//www.googletagmanager.com/ns.html?id=GTM-WQV6DT" height="0" width="0" style="display:none;visibility:hidden">

SECURITY INFLUENCERS BLOG

Security influencers provide real-world insight and “in-the-trenches” experiences on topics ranging from application security to DevOps and risk management

Google Docs May Still be Vulnerable to Phishing Attacks

On Tuesday, users of Google Docs were targeted with an email phishing attack. The email content was a ruse to trick folks into granting access to their contact data. Google quickly put measures into place to stop the attack. Please visit this..

Continue Reading

Portable Builds with Docker

At Contrast, we like to enable developers to solve their own problems without submitting tickets to the Operations team. We also like to define our infrastructure with code.

Continue Reading

Why You Must Build Cybersecurity Into Your Applications

In a series of recent articles, Dan Woods from Forbes, has been analyzing how companies can best allocate their security portfolio dollars. To understand the security products on the market that can help companies address these complicated issues,..

Continue Reading

Two New Vulnerabilities added to the OWASP Top 10

The Open Web Application Security Project (OWASP) just released an update to the ten most critical web application security risks.

Back in 2002 I wrote the first OWASP Top 10 list and it was published in 2003. My idea was that application security..

Continue Reading

7 Things to Ask Yourself About Software Security

Software affects virtually every aspect of an individual – finances, safety, government, communication, businesses, and even happiness. Vulnerable software applications are a leading cause of enterprise data breaches,[1] creating headaches for IT..

Continue Reading

Crash Testing your Connected Stuff — Before you Get Hacked!

People have to pay to subscribe to Consumer Reports. But you may benefit from a new wave of security testing — for free. According to Archer News you may soon be able to tell if that "thing" you want to buy will keep you safe from hackers or..

Continue Reading

It’s Still Flu Season: Get a Flu Shot! Masks Won’t Help — Same Goes for AppSec — Read a WAF Comparison

Come flu season, you have two options – cover your face with a mask and hope you don’t catch anything. Or, do the responsible thing: get a flu shot and protect your entire body and immune system from within. For your software applications, it’s..

Continue Reading

What is OWASP, and Why it Matters for AppSec

Vulnerability research conducted by Contrast Labs was referenced in an article "What is OWASP and Why it Matters for AppSec." The Network World article, written by Michelle Drolet, discusses OWASP and why it proves the need for modern,..

Continue Reading

Ditch Your Web Application Firewall (WAF) — 3 Reasons Why

It is time… time to ditch traditional approaches to the way we have managed application security. Specifically, it’s time to ditch your Web Application Firewalls (WAFs). Ten to fifteen years ago, WAFs were revolutionizing the way we thought of..

Continue Reading

Automating Application Security in Modern Software Projects

Today, it seems like every organization has become a software company.

The increasing dependence on automation demands that software survive and thrive despite an increasingly hostile environment.

Insecure code has become the leading security..

Continue Reading

SUBSCRIBE TO THE BLOG

Learn how to unify security strategy across & development operations. See how to set up a CAS program with only eight activities!

Download the Handbook