The latest News and Information on Application Security including monitoring, testing, and open source.
As digital transformation continues to take over the world, security increasingly becomes a concern for companies of all sizes. No matter how big of a security team you might have, it is hard to speak a common language between security and development teams on what controls you need during the software development life cycle. To tackle this problem, OWASP has released Application Security Verification Standard towards the end of 2021.
The continuing escalation in cyberattacks on large corporations, coupled with an acceleration of digital transformation, has forced organizations to reassess their security strategies and infrastructure. This escalation has driven growth in the adoption of zero-trust application security and compliance. The zero-trust approach means that no devices or software should be trusted by default, even if they have permissions and previous verification.
A few months ago, we released our 12th annual State of Software Security (SOSS) Report. In our announcement blog, we noted new application development trends (like increased use of microservices and open-source libraries), the positive impact that Veracode Security Labs has on time to remediate security flaws, and the increased use of multiple application security scan types. But what we have yet to dive into is the security flaws we found in different programming languages.