AppSec Decoded: Exploring open source trends from the 2024 OSSRA
Discover open source security trends, common vulnerabilities, the risks of AI-generated code, and more from the latest OSSRA report.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Application Security
The latest News and Information on Application Security including monitoring, testing, and open source.
Datadog Telemetry Compliance Demo
With Datadog Sensitive Data Scanner and Audit Trail, you can coalesce governance activities throughout your organization, meet compliance requirement, control access and budget, and empower your teams with the visibility they need to work securely and effectively.
This Month in Datadog spotlights Datadog SCA #datadog #devsecops #shorts
Join us on This Month in Datadog for a spotlight of Datadog SCA, which helps teams track and manage open source libraries in their apps, so they’re better able to address security risks, business risks, and licensing. Watch the new episode now.
Sponsored Post
Running DAST in CI/CD for Regression Testing
In the fast-paced field of software development, ensuring applications remain functional and secure through updates is essential. Regression testing, which checks that new code doesn't harm existing features, is key. Dynamic Application Security Testing (DAST) tools play a crucial role here. They identify security flaws in active web applications. This article explores the importance of DAST tools, integration, and enhancement in regression testing.
AppSec Decoded: How to obtain visibility into your AppSec risk | Synopsys
Too many tests, tools, and findings reduce visibility into your AppSec risk. Learn how an ASPM solution can help.
This Month in Datadog: Software Composition Analysis, Trace Queries, Retention Analysis, and more
Datadog is constantly elevating the approach to cloud monitoring and security. This Month in Datadog updates you on our newest product features, announcements, resources, and events.
Why MobSF Isn't Ideal for Application Security Testing?
Mobile Security Framework (MobSF), launched by OWASP in 2015, is a partially automated, open-source, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static, dynamic, and malware analysis. MobSF is one of the most widely used security applications where the testing framework - a simple, flexible, and incredibly powerful tool has quickly become the lingua franca of security. The flexibility and accessibility of the tool are helpful but also dangerous.
Microsoft Azure CLI affected by CVE-2022-39327
CVE-2022-39327 is a code injection vulnerability that affects the command-line interface for Microsoft Azure (Azure CLI). The vulnerability allows an attacker to execute arbitrary commands on a Windows machine that runs an Azure CLI command with untrusted parameter values. The vulnerability was discovered by GitHub Security Lab and reported to Microsoft on October 7, 2022. Microsoft released a patch for the vulnerability on October 25, 2022, in version 2.40.0 of the Azure CLI.
The 2024 Open Source Security and Risk Analysis (OSSRA) Report | Synopsys
Open source is in everything, everywhere, all at once. Get an in-depth look at the current state of open source security with the ninth edition of the “Open Source Security and Risk Analysis”(OSSRA) report. Do you know what's in your code?
How REI built a DevSecOps culture and how Snyk helped
A few years ago, REI embarked on its digital transformation and cloud migration journey, moving on-prem development environments to AWS. But, as REI’s development teams began this transition, their security counterparts noticed that application security just wasn’t keeping up. As a result, REI began another journey: identifying the right security tooling and cultural shifts for AppSec success.