
Automating Security Workflows with DAST Essentials

In today's digital landscape, developers face mounting pressure to deliver secure applications within tight deadlines. But with faster release cycles, it becomes challenging to prioritize security. Security testing needs to work and scale within your DevOps speed and release frequency. Web applications are highly targeted assets, accounting for 40% of breaches within organizations, according to the Verizon Data Breach Investigations Report.

Redefining Security Investments: SAST Scans and DFPM

In today's ever-evolving digital landscape, teams must have a strong understanding of the security measures that will work best for their environment and how to implement them. During this event, we explore the benefits of utilizing SAST scans and DFPM (Data Flow Posture Management) tools to create robust security guardrails for your organization. Hear from Anirban Banerjee, CEO and Co-founder of Riscosity, and Milan Williams, Sr. Product Manager at Semgrep, as they dive into how teams can approach security investments starting with SAST scans and data flow security.

Revolutionizing Security Testing: Advancements in Automated DAST on Real Devices

Organizations continue to build and enhance their mobile applications, developers are embracing new ways of building applications to improve speed to market and customer experience, and billions of dollars are invested in AppSec tools. However, 85% of these applications still contain known vulnerabilities, and most breaches occur at the application layer. Automated DAST helps combat such vulnerabilities.

Your Return on Investment: Veracode Dynamic Analysis

Demonstrating Return on Investment (ROI)—showing how your security investments translate into tangible business value—helps assess their impact. Veracode Dynamic Analysis enables you to deliver secure software that aligns with business goals such as reducing risk, cutting costs, and saving time. To see the potential business value of Veracode Dynamic Analysis for your organization, check out our ROI calculator.

Dynamic Application Security Testing (DAST): An Overview

Dynamic Application Security Testing (DAST) is an advanced testing method that tests the production environment and analyzes application security at runtime. This type of black box testing identifies real-world vulnerabilities externally without much need for insights into the product provenance of any single component. By simulating real-world attacks in your system, DAST identifies critical security gaps that other vulnerability assessments and static methods might miss.

Understanding Out-of-Bounds Memory Access Vulnerabilities and Detecting Them with Fuzz Testing

Out-of-bounds memory access, also known as buffer overflow, occurs when a program tries to read from or write to a memory location outside the bounds of the memory buffer that has been allocated for it. This type of vulnerability is particularly dangerous because it can lead to various issues, including crashes, data corruption, sensitive data leaks, and even the execution of malicious code.

Detecting Out-of-Bounds Memory Access, Which Caused the CrowdStrike Incident

The CrowdStrike incident is a recent example of an out-of-bounds memory access in C/C++ causing a crash. CrowdStrike reported that problematic content in Channel File 291 triggered an out-of-bounds memory read, leading to a Windows operating system crash (BSOD). Another critical example with the same root cause is the Heartbleed vulnerability, which affected the OpenSSL library. Remarkably, fuzz testing could identify this issue in less than 10 seconds. Watch the video to see fuzz testing in action.