
SECURITY INFLUENCERS BLOG

Security influencers provide real-world insight and “in-the-trenches” experiences on topics ranging from application security to DevOps and risk management

Supercharged Application Resilience: Improve Performance with Application Security Monitoring

More and more companies interact with customers via digital channels, making the digital customer experience they provide a critical component of business success. A crashed or poorly performing application will negatively impact customer..


A CTO's Response to Trump's Cybersecurity Executive Order

In principle, holding each agency head accountable for his or her agency’s cybersecurity is logical. The problem with that is they were already accountable. When the OPM was breached, director Katherine Archuleta stepped down. And there were calls..


Improve Application Security by Turning it into Code

Why is application security such a pain? One of the hard problems with application security is that there are a zillion different ways that things can go wrong.


We are Seeing Ongoing Struts 2 Attacks

If you’re running web applications on the Internet, then you’re almost certainly seeing probes for the Struts 2 vulnerability (CVE-2017-5638). These attacks started within hours of the vulnerability being released, and we continue to see..


Two New Vulnerabilities added to the OWASP Top 10

The Open Web Application Security Project (OWASP) just released an update to the ten most critical web application security risks.

Back in 2002 I wrote the first OWASP Top 10 list and it was published in 2003. My idea was that application security..


How Can CISOs Create A Balanced Portfolio Of Cybersecurity Products?

We’re entering a world of deepening complexity when it comes to security for the modern enterprise. With companies integrating legacy data centers, manufacturing facilities, and networks with the cloud and the Internet of Things (IoT), all..


US Needs a Federal CISO — A Response to the Appointment of a US Cybersecurity Coordinator

In response to the Trump administration's announcement of the appointment of a White House cybersecurity coordinator, Contrast Security Co-founder and CTO, Jeff Williams, was asked to provide his thoughts in a recently published CSO article, "US Needs a..


What is OWASP, and Why it Matters for AppSec

Vulnerability research conducted by Contrast Labs was referenced in an article "What is OWASP and Why it Matters for AppSec." The Network World article, written by Michelle Drolet, discusses OWASP and why it proves the need for modern,..


Cybersecurity Execs Voice Concern over Trump Travel Ban

Last Friday President Trump signed executive orders that banned nationals of seven countries that included all people hailing from: Iraq, Syria, Iran, Libya, Somalia, Sudan and Yemen. The executive order also bans entry of those fleeing from..


DevOps Security: Turn Security into Code [RSA Preview]

The San Francisco edition of the annual RSA security conference is just around the corner. DevOps security is a hot topic right now, and the RSA schedule includes a day-long seminar dubbed "DevOps Connect: DevSecOps Edition."

The list of security..
