The General Data Protection Regulation (GDPR) set a huge precedent in modern digital privacy regulation. We've seen regions throughout the world adopt similar data protection laws in the time since its inception, and the financial liabilities are only part of the story. Customers and users of software products are now savvier than ever when it comes to understanding the importance of data privacy rights.
In their debut LP, Q: Are We Not Men? A: We Are Devo!, the band introduces their defining theme that mankind’s evolution has reached the point—devolved to the point, actually—that we are converging on sameness… emotionless and robotic. This notion informed everything from the way Devo dressed (awesome!), to the music they wrote, to the way they performed. What does the band Devo’s theme of devolution have to do with me joining a software company of the same name?
As government agencies accelerate migrating their operations to the cloud, they need to adhere to strict compliance and security standards. The Federal Risk and Authorization Management Program (FedRAMP) provides the standard that these agencies—and their private-sector partners—must meet to work and manage federal data safely in the cloud.
JavaScript is a very useful programming language. Netscape developers invented JavaScript in 1995, and it revolutionized the web. Before JavaScript, webpages could pretty much only contain text, images, and hyperlinks. JavaScript empowered web developers to make webpages interactive, dynamic rather than static. Think of picture menus that animated when your mouse cursor went over it, and applets that could give you your local weather forecast or tell you which web browser you’re using.
A SaaS start-up can only go so far before it’s time to consider certifications and compliance standards for advancement. But let’s make it clear that at Detectify, we don’t see compliance as security. If you’re stuck in between the two right now, here’s our use case for getting ISO 27001 certification and how we made it work for Detectify, a SaaS-based web application security scale-up that has its fair share of passionate security defenders aboard!
Like most people, I am not at all sad to see 2020 go. It introduced unique pressures that challenged all of us in different ways. As snykers, I believe we have emerged stronger. Throughout the year, our global team—alongside our partners and customers—reached so many impressive milestones, made that much sweeter due to the headwinds we all faced in achieving them. Ending the fiscal year, Snyk: Yes—two acquisitions.
The management consulting firm Korn Ferry recently surveyed professionals about what they were most looking forward to when they return to the office, and more than 20 percent of them said “nothing.” (No kidding.) Some 64 percent of respondents are cited as saying that they’re more productive at home. (Not surprised.)
The gold standard for creating an application security (AppSec) program is – and always will be – to follow best practices. By following preestablished and proven methods, you can ensure that you are maximizing the benefits of your AppSec program. Unfortunately, time, budget, culture, expertise, and executive buy-in often restrict organizations from following best practices. But that doesn’t mean that you can’t create an impactful AppSec program.
It’s no secret that the world has become more dependent on mobile technology. We can now pay our bills, shop for groceries and share photos with family with the tap of a finger. But this also means that our personal data is now more exposed than ever. On the bright side, we are collectively becoming more conscious about data privacy. In 2020, TikTok kick started an unexpected global discussion about what data apps collect and how they are used.
