Application Security

The latest News and Information on Application Security including monitoring, testing, and open source.

Modern Application Security Needs More Than Tech. Don't Neglect Governance

Nov 17, 2022 By Carol Hildebrand In Mend

This is the fifth of a six-part blog series that highlights findings from a new Mend white paper, Five Principles of Modern Application Security Programs. Be sure to look out for our upcoming blogs on each of the five principles. While IT and security professionals all generally agree that cyberattacks are on the rise, there remains a great deal of disparity in how they choose to prepare for those attacks.

Read Post

Mend

Read more about Modern Application Security Needs More Than Tech. Don't Neglect Governance

SAST - All About Static Application Security Testing

Nov 16, 2022 By Ayala Goldstein In Mend

Static Application Security Testing (SAST) has been a central part of application security efforts for more than 15 years. Forrester’s State Of Application Security Report, 2022 found that lacking application security remains a leading cause of external security breaches, so it’s safe to say that SAST will be in use for the foreseeable future. Contents hide 1 What Is SAST? 2 Why do we need SAST? 3 What problems does SAST address? 4 How does SAST work?

Read Post

Mend

Read more about SAST - All About Static Application Security Testing

SAST - All About Static Application Security Testing

Nov 16, 2022 By Adam Murray In Mend

Static Application Security Testing (SAST) has been a central part of application security efforts for more than 15 years. Forrester’s State Of Application Security Report, 2022 found that lacking application security remains a leading cause of external security breaches, so it’s safe to say that SAST will be in use for the foreseeable future.

Read Post

Mend

Read more about SAST - All About Static Application Security Testing

4 Reasons Scan Results May Differ Over Time: Advice from an Application Security Consultant

Nov 15, 2022 By Jim Jastrzebski In Veracode

You didn’t change anything in your code, yet the scan is different this time. Here’s advice from an Application Security Consultant on why that may be. Have you ever wondered why you scan code one day and get one result, and then scan the same code a month later and get different results – even though you never changed anything?

Read Post

Veracode

Read more about 4 Reasons Scan Results May Differ Over Time: Advice from an Application Security Consultant

AppSec Decoded: WhiteHat Dynamic

Nov 15, 2022 By Synopsys In Synopsys

Learn more about Synopsys Software Integrity: https://www.synopsys.com/software-integrity.html
Subscribe: https://www.youtube.com/synopsys
Follow Synopsys on Twitter: https://twitter.com/sw_integrity

View Video

Synopsys

Read more about AppSec Decoded: WhiteHat Dynamic

Dash Panel Discussion: Foundations of Security and Leadership at Scale

Nov 15, 2022 By Datadog In Datadog

As businesses have modernized and migrated their tech stacks from on-prem to the cloud and broken down monoliths into microservices, security teams have had to evolve. This evolution has led to new tools and new practices to avoid incidents. In this panel moderated by Datadog’s Andrew Krug, we chat with security engineering leaders about the processes they’ve adopted or created to keep modern, distributed systems safe. We also discuss what organizations can do to keep ahead of threats as our systems keep advancing.

View Video

Datadog

Read more about Dash Panel Discussion: Foundations of Security and Leadership at Scale

Building a Modern AppSec Program: AWS-Mend Fireside Chat

Nov 10, 2022 By Adam Murray In Mend

The modern approach to application security includes strategies and technologies that help development teams prioritize the vulnerabilities they should address and fix. By giving these teams tools that efficiently identify security vulnerabilities that present the biggest risk, they can address them as quickly as possible. Ori Bach, EVP of Product at Mend, and Harry Mower, Director, AWS CodeSuite, got together for a fireside chat to discuss how to implement these strategies.

Read Post

Mend

Read more about Building a Modern AppSec Program: AWS-Mend Fireside Chat

JavaScript security best practices for securing your applications

Nov 9, 2022 By Alberto Fernández Reyes In Synopsys

JavaScript, like other programming languages, are not without security challenges. These JavaScript security best practices will help you build more-secure code. JavaScript is one of the most popular programming languages, largely because it’s an easy language for beginners. It’s easy to set up, it has an active and vast community, and users can create web, mobile, and desktop applications using only JavaScript.

Read Post

Synopsys

Read more about JavaScript security best practices for securing your applications

Veracode Peer Benchmarking

Nov 8, 2022 By Veracode In Veracode

Veracode Peer Benchmarking empowers you to view on-demand benchmark reports to identify strengths and weaknesses, define goals, track KPIs, and demonstrate security as a competitive differentiator.

View Video

Veracode

Read more about Veracode Peer Benchmarking

Scalable SAST and SCA in a single solution with Polaris fAST services

Nov 8, 2022 By Patrick Carey In Synopsys

Polaris fAST services are fast, powerful, and easy-to-use cloud-based application security testing, optimized for DevSecOps. Fast. These days, it can be hard for us to agree on much of anything. But one thing that seems to unite us all is that when we want something, we want it now. And we need it fast. Fast is definitely top-of-mind for anybody producing software. Delivery schedules are constantly being compressed, so anything that reduces the time for developer tasks is a good thing.

Read Post