Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Application Security

The latest News and Information on Application Security including monitoring, testing, and open source.

Discover your exposure to the XZ Utilities backdoor in 10 seconds or less

When high profile security events happen, it is essential for you and your team to have the information you require right at your fingertips. Using Panoptica’s powerful graph database and easy to use query engine, you are easily able to discover all the assets in all your cloud environments that could have compromised software installed.

Cloud Unfiltered with Matt Johnson - Cloud Native Security at KubeCon 2024

In this special edition of Cloud Unfiltered, recorded live from KubeCon Paris, host Michael Chenetz sits down with Matt Johnson, Cloud Security Field CTO at Palo Alto Networks, to dive deep into the evolving landscape of cloud native security. As organizations continue to embrace cloud technologies and Kubernetes, the complexity of securing these environments has never been more challenging. Matt shares his insights on the current state of cloud security, the importance of a holistic approach to securing applications across multiple layers, and the role of developers in the security ecosystem.

Cloud Unfiltered with Sebastian Stadil - The Evolution of IaC at KubeCon 2024

In this special edition of Cloud Unfiltered, recorded at KubeCon Paris, host Michael Chenetz sits down with Sebastian Stadil, co-founder of Scalr. Sebastian has been pivotal in the DevOps community, especially with his recent work spearheading the OpenTofu initiative. During this insightful episode, Sebastian shares his journey in the tech world, the mission behind Scalr, and his perspectives on the evolution of infrastructure as code.

Cloud Unfiltered with Whitney Lee and Victor Farcic - Choose Your Own Adventure at KubeCon 2024

Embark on a unique journey into the depths of cloud security in this riveting edition of Cloud Unfiltered, direct from the heart of KubeCon Paris. This episode, featuring the insightful Whitney Lee and the knowledgeable Victor Farcic, takes you on a "Choose Your Own Adventure" exploration of cloud security, offering a personalized path through the complex landscape of protecting cloud environments.

Filter and prioritize IAST vulnerability findings using Project Views in Seeker | Synopsys

In this video, Product Manager, Scott Tolley shows how setting up the new Project Views feature in Seeker can help developers focus their time and attention on the most relevant vulnerability findings in running applications– without hiding the full details from security team. This new feature lets security and development teams...

15 Web Application Security Best Practices

Every day that an application is anything less than ‘fully secure’ is a day for a potential data breach. Consumer data, sensitive business information, monetary transactions, and business reputation; everything is at stake. Investing in effective web application security is the best and only way to mitigate the risk of financial losses and reputational damage for businesses. This blog presents a comprehensive blueprint for implementing best practices in application security.

Six takeaways from our ASPM masterclass series

Software development moves fast, and many application security teams struggle to keep up. More sophisticated agile, DevOps, and cloud practices, along with the growing use of AI, mean more agility for development teams. However, these innovations are a challenge for security teams, as they must move at this same speed in order to secure applications effectively. Application security posture management (ASPM) directly responds to these emerging challenges.

Security at the Speed of Cloud

Cloud native technologies have empowered engineering teams to innovate rapidly: from releasing a few times a year to several times a day. This means security assessment have to be done continuously. To achieve this, developer, operation, and security teams have to collaborate in novel ways. Instead of communicating through backlogs, they need to work towards shared objectives. From processes to tooling, teams have to rethink the way they approach security, share context, and improve the security posture of their organization.