%term

The latest News and Information on Application Security including monitoring, testing, and open source.

3 Jedi-inspired lessons to level up your JavaScript security

May 4, 2022 By Liran Tal In Snyk

You might think of Star Wars as a movie reserved for geeks, but what if I told you that there are deep life lessons that can be applied to developer security practices? Get your lightsaber ready and prepare to dive into JavaScript security! Star Wars is an epic space-based film series written and directed by George Lucas that often needs no introduction. I’m a fan myself, and personally relate to many of the quotes shared by Jedi Knights in the movie series.

Read Post

Snyk

Read more about 3 Jedi-inspired lessons to level up your JavaScript security

Security Is Everyone's Job - Linux Vulnerabilities in Production Infra (Nick Davis)

May 3, 2022 By Datadog In Datadog

Security vulnerabilities can show up anywhere in production. In this talk, Nick Davis from Datadog describes an approach to improve the response to new security vulnerabilities, with specifics around the DirtyPipe vulnerability.

View Video

Datadog

Read more about Security Is Everyone's Job - Linux Vulnerabilities in Production Infra (Nick Davis)

Recapping Datadog Summit Denver 2022

May 2, 2022 By Kirk Kaiser In Datadog

After a two-year hiatus, Datadog customer summits are back. And what better place to begin in-person again than in sunny Denver, Colorado!

Read Post

Datadog

Read more about Recapping Datadog Summit Denver 2022

Official Close of TA Investment Sparks Next Step of Veracode Journey

May 2, 2022 By Sam King In Veracode

Recently I shared with you our excitement about our agreement with TA Associates (TA) to make a significant growth investment in Veracode. I am pleased to share that the deal is now closed, opening up a tremendous new chapter in Veracode’s journey.

Read Post

Veracode

Read more about Official Close of TA Investment Sparks Next Step of Veracode Journey

What makes an Application Security Champion | Evan Gertis

Apr 29, 2022 By Veracode In Veracode

Veracode Community Manager Javed Mohammed discusses with Security Consultant Evan Gertis, what makes an Application Security Champion, best practices, and more.

View Video

Veracode

Read more about What makes an Application Security Champion | Evan Gertis

Introducing Datadog Application Security Monitoring

Apr 27, 2022 By Lucas Masson In Datadog

Securing modern-day production systems is expensive and complex. Teams often need to implement extensive measures, such as secure coding practices, security testing, periodic vulnerability scans and penetration tests, and protections at the network edge. Even when organizations have the resources to deploy these solutions, they still struggle to keep pace with software teams, especially as they accelerate their release cycles and migrate to distributed systems and microservices.

Read Post

Datadog

Read more about Introducing Datadog Application Security Monitoring

How to generate a Software Bill of Materials (SBOM) using Veracode Software Composition Analysis

Apr 25, 2022 By Veracode In Veracode

In this video, we’ll demo how to use the SBOM API with Veracode Software Composition Analysis (SCA) to generate a Software Bill of Materials (SBOM). The new SBOM API provides an inventory of components within your application with insight into the relationships between the components. Exported in CycloneDX format, the SBOM identifies which components are coming from 3rd party sources and offers visibility into your software supply chain.

View Video

Veracode

Read more about How to generate a Software Bill of Materials (SBOM) using Veracode Software Composition Analysis

How to Generate an SBOM in Veracode SCA

Apr 25, 2022 By Saoirse Hinksmon In Veracode

Emerging government regulations have driven the advancement of standards for securing software supply chains. The production of a Software Bill of Materials (SBOM) in a standard format is an increasing audit and compliance need for large organizations.

Read Post

Veracode

Read more about How to Generate an SBOM in Veracode SCA

Just Because You Don't Use Log4j or Spring Beans Doesn't Mean Your Application is Unaffected

Apr 20, 2022 By Hope Goslin In Veracode

By now, you’re probably all aware of the recent Log4j and Spring Framework vulnerabilities. As a recap, the Log4j vulnerability – made public on December 10, 2021 – was the result of an exploitable logging feature that, if successfully exploited, could allow attackers to perform an RCE (Remote Code Execution) and compromise the affected server.

Read Post

Veracode

Read more about Just Because You Don't Use Log4j or Spring Beans Doesn't Mean Your Application is Unaffected

CIS Control 16 Application Software Security

Apr 20, 2022 By Matthew Jerzewski In Tripwire

The way in which we interact with applications has changed dramatically over years. Enterprises use applications in day-to-day operations to manage their most sensitive data and control access to system resources. Instead of traversing a labyrinth of networks and systems, attackers today see an opening to turn an organizations applications against it to bypass network security controls and compromise sensitive data.

Read Post