The latest News and Information on Application Security including monitoring, testing, and open source.
We are excited to announce the inaugural edition of the Mend.io Open-Source Reliability Leaderboard! Powered by data from Renovate, the wildly popular open-source dependency management tool, the Leaderboard presents the top packages in terms of reliability across three of the most widely used languages.
This is the second article in our Application Security 101 mini-series. Read our first blog on how to configure HTTP response headers with security best practices. This time we’re going to discuss another misconfiguration that we often find during website penetration testing. This is not necessarily a ‘vulnerability’, however information disclosure via HTTP response headers can provide exact version information of the web server or web technologies in use on the underlying host.
In today's interconnected and technology-driven world, cyber threats have become a significant concern for businesses. With the rise of advanced cyber attacks, data breaches, and cybercriminals, it has become imperative for organizations to implement strong security measures to protect their applications and data. Automated testing tools are the number one go-to solution for security teams trying to scale the discovery of vulnerabilities in their applications. However, as modern software development practices evolve, new attack surfaces emerge and so do new security testing tools that cover different attack surfaces.
00:00 Intro: welcome Chris!
03:05 Trends in cloud security, reflected at fwd:cloudsec
05:00 fwd:cloudsec submissions - more practitioners needed!
10:40 Blurring the lines: what does that practically means?
19:30 Cloud service providers maturity: their security posture evolved
24:30 Public Cloud Security Breaches
30:01 Public Cloud Security Breaches demo
32:35 the Last Pass attack deep dive
38:00 Identify the crown jewels!
In an ever-evolving threat landscape, safeguarding the integrity of applications is a real concern. The consequences of a single security breach can be devastating, leading to data links, financial losses, and irreparable damage to a company’s reputation. Organizations across industries must equip themselves with reasonable defense mechanisms to fortify their applications against malicious actors.
Mend.io CEO Rami Sass, Jeff Martin, VP of product management, and CMO Arabella Hallawell recently sat down for a panel discussion on AppSec today. In this second of a two-part series, they get tactical, as they discuss seven best practices for building modern AppSec programs.
