Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Application Security

The latest News and Information on Application Security including monitoring, testing, and open source.

Bionic.ai

WhatsApp Data Breach

Meta is a technology behemoth that’s constantly under attack. And unfortunately, it has a long list of security events resulting in the loss of user data. Keep in mind Meta attracts top-caliber software engineers. As the first letter of the envied FAANG / MAANG acronym, it’s an institution employing the best of the best. So, when the recent news broke loose about phone numbers of 500 million WhatsApp users being up for sale, it should’ve been a shocker.

synopsys

Custom and variant licenses: What's in the fine print?

See examples of custom and variant licenses and how Black Duck Audits flag these licenses to help legal teams evaluate software risk. An open source audit reveals much about modern software. A thorough one will draw attention to license issues that go beyond typical open source license conflicts. The baseline finding of an audit is a complete, accurate software Bill of Materials (SBOM) of open source and third-party software in the code.

Configure the API Credentials File on Windows

In this video, you will learn how to generate Veracode API credentials in the Veracode Platform and configure an API credentials file for storing your API credentials on Windows. Veracode API credentials consist of an ID and secret key. You use these credentials to access the Veracode APIs and Veracode integrations. API ID and key authentication provides improved security and session management for accessing the APIs.

Datadog Cloud Security Management Demo

Datadog Cloud Security Management provides security context for your observability data to help you quickly identify threats and misconfigurations across your infrastructure. In this demo, we show you how Cloud Security Management allows you to remediate threats, collaborate with other teams, and declare incidents for further investigation, giving you complete cloud-native application protection.
signmycode

Must Know Approaches for Maintaining Mobile Application Security and CIA Traits

Nowadays, every business wants to reach out to a larger audience. And the best way for it is Mobile App Development. Whether someone is at work, at home, or somewhere outside, people frequently go through apps on their mobiles. Such apps collect data, store it and process it to provide reliable results. Indeed, our sensitive and confidential data is also getting into the same process. Hence, it makes a top priority to focus on mobile application security.

mend

Modern Application Security Needs More Than Tech. Don't Neglect Governance

This is the fifth of a six-part blog series that highlights findings from a new Mend white paper, Five Principles of Modern Application Security Programs. Be sure to look out for our upcoming blogs on each of the five principles. While IT and security professionals all generally agree that cyberattacks are on the rise, there remains a great deal of disparity in how they choose to prepare for those attacks.

Bionic.ai

How Unsecured APIs Leak Customer Data

Many security outsiders think data leaks result from diligent efforts by seasoned hackers. In reality, minor oversights and mistakes in code frequently cause data breaches. And with engineers pressured to release features quickly, it’s no wonder these mistakes are common. Unsecured Application Programming Interfaces (APIs) are particularly dangerous because they’re synonymous with Broken Access Control, the highest of the OWASP top 10 web application security risks.

mend

SAST - All About Static Application Security Testing

Static Application Security Testing (SAST) has been a central part of application security efforts for more than 15 years. Forrester’s State Of Application Security Report, 2022 found that lacking application security remains a leading cause of external security breaches, so it’s safe to say that SAST will be in use for the foreseeable future. Contents hide 1 What Is SAST? 2 Why do we need SAST? 3 What problems does SAST address? 4 How does SAST work?

mend

SAST - All About Static Application Security Testing

Static Application Security Testing (SAST) has been a central part of application security efforts for more than 15 years. Forrester’s State Of Application Security Report, 2022 found that lacking application security remains a leading cause of external security breaches, so it’s safe to say that SAST will be in use for the foreseeable future.