Application Security

The latest News and Information on Application Security including monitoring, testing, and open source.

Three reasons to invest in an ASPM solution in 2024

Dec 12, 2023 By Julia Kraut In Snyk

The pace of software development is astounding! The transition to agile, DevOps, cloud, and the supercharged use of AI is empowering distributed development teams to build software with greater speed and autonomy. In contrast to the remarkable strides in development methodologies, maintaining a robust security posture has become a formidable challenge. AppSec teams are still playing catchup, both outnumbered and out-resourced.

Read Post

Snyk

Read more about Three reasons to invest in an ASPM solution in 2024

Announcing Snyk AppRisk: Elevate your AppSec game with ASPM

Dec 12, 2023 By Daniel Berman In Snyk

Snyk AppRisk provides AppSec teams with the comprehensive application security posture management (ASPM) workbench they need to govern and scale their security programs as well as minimize risk arising from applications.

Read Post

Snyk

Read more about Announcing Snyk AppRisk: Elevate your AppSec game with ASPM

Leveraging OpenAPI as a Core Element of API and Application Security

Dec 8, 2023 By Robert Dickinson In Graylog

An application’s attack surface is the sum of all the areas of an application which could be attacked by malicious attackers. This includes the application’s APIs, the underlying code, supporting infrastructure, and any other components which could be compromised. The goal for any organization is to reduce the attack surface area by discovering and minimizing potential vulnerabilities.

Read Post

Graylog

Read more about Leveraging OpenAPI as a Core Element of API and Application Security

Synopsys named as a Customers' Choice in the 2023 Gartner Peer Insights Voice of the Customer for Application Security Testing

Dec 7, 2023 By Synopsys Editorial Team In Synopsys

Synopsys is proud to announce that we have been recognized as a Customers’ Choice vendor in the 2023 Voice of the Customer for Application Security Testing on Gartner® Peer Insights™. This distinction is a recognition of vendors in this market based on feedback and ratings from 59 verified end users of our product as of October 2023. Overall, Synopsys reviewers gave us a 4.6 out of 5, with 90% saying they would recommend our product.

Read Post

Synopsys

Read more about Synopsys named as a Customers' Choice in the 2023 Gartner Peer Insights Voice of the Customer for Application Security Testing

Dynamic Application Security Testing: Benefits, Pitfalls, and Top Open-Source Solutions

Dec 7, 2023 By Guest Expert In GitGuardian

In code security, not everything is "shift left." Dynamic testing is as important to help developers build and ship secure applications on the right-hand side of the SDLC. Let's explore the benefits, pitfalls, and popular open-source DAST tools in this blog post from the Escape team.

Read Post

GitGuardian

Read more about Dynamic Application Security Testing: Benefits, Pitfalls, and Top Open-Source Solutions

Seeker IAST helps teams understand the security posture of their applications | Synopsys

Dec 7, 2023 By Synopsys In Synopsys

In this video, we show how product and security teams can determine the security posture of all applications within their organization. Join us to learn how to view compliance to security standards such as OWASP Top Ten, PCI DSS, and others across the entire application portfolio, drill into project level details, and see insights into endpoint risk coverage.

View Video

Synopsys

Read more about Seeker IAST helps teams understand the security posture of their applications | Synopsys

Job-to-be-Done: Understand what is being continuously tested and monitored across my attack surface

Dec 5, 2023 By Detectify In Detectify

In order for AppSec and ProdSec teams to stay on top of their growing attack surface, they must understand what parts of their attack surface are being continuously monitored and scanned, such as where, when, what, and how. This can include, but is not limited to.

Read Post

Detectify

Read more about Job-to-be-Done: Understand what is being continuously tested and monitored across my attack surface

ISO 27001 certification: 8 things we learned

Dec 5, 2023 By Roeland Delrue In Aikido

Aikido has just gone through the process of becoming ISO 27001:2022 and SOC 2 Type 2 compliant. And one of the things we wish we’d had was some practical, no-nonsense advice on how to get started. Best practices, things to watch out for - basically tips from someone who’d already been through the ISO 27001 certification process. Read more about Aikido’s path to becoming ISO 27001:2022 compliant and the ISO 27001 requirements.

Read Post

Aikido

Read more about ISO 27001 certification: 8 things we learned

Container Security Fundamentals - Seccomp

Dec 4, 2023 By Datadog In Datadog

In this video we're looking at how to harden Docker containers by seccomp to filter syscalls that containers can make.

View Video

Datadog

Read more about Container Security Fundamentals - Seccomp

Unveiling Application Security: Threats, Tools, and Best Practices for 2024

Dec 3, 2023 By Riscosity In Riscosity

In today's rapidly evolving digital landscape, application security has become a critical component of modern software development. As cyberattacks grow more sophisticated, ensuring the integrity of applications and protecting sensitive data that these applications store, process, or handle is of paramount importance. In this blog post, we will delve into the world of application security - exploring key components, testing techniques, essential tools, and best practices - to help you stay ahead of the curve and safeguard your applications from cyber threats.

Read Post