
August 2024

ASPM and Modern Application Security

Gartner’s 2024 Hype Cycle for Application Security is making the rounds, and Application Security Posture Management (ASPM) continues to climb up and around the famous curve, from the Peak of Inflated Expectations in 2023 to this year’s slide towards the Trough of Disillusionment. That’s pretty fast movement for a technology that we haven’t yet succeeded in clearly defining!

Shining a Light on Shadow AI: What It Is and How to Find It

After speaking to a wide spectrum of customers ranging from SMBs to enterprises, three things have become clear: Add that together, and we get Shadow AI. This refers to AI usage that is not known or visible to an organization’s IT and security teams. Shadow AI comes in many forms, but in this blog we’ll stick to a discussion of Shadow AI as it pertains to applications. Application security teams are well aware that AI models come with additional risk.

Maturing your AppSec Program with Toby Jackson - Secrets of AppSec Champions Podcast

Join host Chris Lindsey as he digs into the world of Application Security with experts from leading enterprises. Each episode is theme-based, so it's more conversational and topic-based instead of the general interview style. Our focus is growing your knowledge, providing useful tips and advice. With Chris' development background of 35 years, 15+ years of secure coding and 3+ years running an application security program for a large enterprise, the conversations will be deep and provide a lot of good takeaways that you can use almost immediately.

Black Hat 2024: AI, AI, and Everything Else

I’m back from another Black Hat! It was great seeing everyone. I put out a message on LinkedIn for people to come find me and, boy, did they. The hallway conversations were so engaging, I was sometimes late getting to the official talks, but I’m getting ahead of myself. AI was everywhere, as we’d expect, but I also sat down to listen to experts on other topics like critical infrastructure, cyber insurance, and the root causes of cybersecurity failure.

Dude, Where's My Documentation?

This is a public service announcement: The not-so-simple act of securing applications produces a lot of documentation, including playbooks and policies, that isn’t typically needed on a daily basis. But when a zero-day event occurs, such as the recent CrowdStrike incident, application security teams better be able to find everything they need—and fast. Sadly, in both big and small companies, missing and outdated documentation is rampant.

Your First 90 Days in a New AppSec Role with Anthony Israel-Davis - Secrets of AppSec Champions
